How to retrieve secrets from Azure Vault using Java 5?

I have to retrieve secrets from Azure Vault but my app uses JDK 5. This is a problem because the Azure libraries used and described in the Microsoft docs require at minimum JDK 8, and upgrading the JDK is not an option.

The client's architect says that I can consume some vault API and use Bouncy Castle's TLS API to achieve this, but I'm not sure what he is talking about.

This sounds too low level. I'm asking for guidance, some superfluous explanation can get me going. How can I obtain secrets using Java 5?

As the architect says, you could retrieve a secret from Key Vault through the Key Vault REST API instead of the Azure libraries.

GET https://{yourvault}.vault.azure.net/secrets?api-version=7.1

This API is used to list secrets in a specified key vault. And you could get a specified secret from a given key vault by this link.


First, get access_token with POST via Apache HttpClient.

POST https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token
Content-Type: application/x-www-form-urlencoded

client_id={your-client-id}
&scope=https%3A%2F%2Fvault.azure.net%2F.default
&client_secret={your-client-secret}
&grant_type=client_credentials

Then, call the REST API with GET via Apache HttpClient.

GET https://{yourvault}.vault.azure.net/secrets?api-version=7.1
Authorization: Bearer {access_token}

I tried this with Postman, and it works well. You could use HttpClient to obtain secrets in Java.


Note:

Navigate to Azure Portal > Key vaults > your_key_vault > Access policies > Add Access Policy. In the secret permissions field, select the desired permissions, and in the Select Principal section, select the application that you are using to access the secret.
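
The two requests from the answer above, as an added example in Java 5 syntax (not code from the original post). It assumes a 4.x release of Apache HttpClient that still runs on Java 5, hypothetical environment variable names for the credentials, and a JVM TLS stack that can negotiate a protocol version the Azure endpoints accept, which is the gap the Bouncy Castle suggestion addresses and is not shown here.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;

public class VaultSecretLister {
    // Assumption: AZ_* variable names are hypothetical; credentials come from the environment, not source.
    public static void main(String[] args) throws Exception {
        String tenant = System.getenv("AZ_TENANT_ID");
        String vault = System.getenv("AZ_VAULT_NAME");
        HttpClient client = new DefaultHttpClient();
        try {
            // Step 1: client_credentials grant, form-encoded as in the POST above.
            HttpPost post = new HttpPost("https://login.microsoftonline.com/" + tenant + "/oauth2/v2.0/token");
            List<NameValuePair> form = new ArrayList<NameValuePair>();
            form.add(new BasicNameValuePair("client_id", System.getenv("AZ_CLIENT_ID")));
            form.add(new BasicNameValuePair("scope", "https://vault.azure.net/.default"));
            form.add(new BasicNameValuePair("client_secret", System.getenv("AZ_CLIENT_SECRET")));
            form.add(new BasicNameValuePair("grant_type", "client_credentials"));
            post.setEntity(new UrlEncodedFormEntity(form, "UTF-8"));
            String tokenJson = body(client.execute(post), "token request");
            // No JSON parser is assumed on the classpath; extract the single field with a regex.
            Matcher m = Pattern.compile("\"access_token\"\\s*:\\s*\"([^\"]+)\"").matcher(tokenJson);
            if (!m.find()) throw new IllegalStateException("no access_token in token response");
            // Step 2: list secrets with the bearer token; the token itself is never printed.
            HttpGet get = new HttpGet("https://" + vault + ".vault.azure.net/secrets?api-version=7.1");
            get.setHeader("Authorization", "Bearer " + m.group(1));
            System.out.println(body(client.execute(get), "secret list"));
        } finally {
            client.getConnectionManager().shutdown();
        }
    }
    // Reads the body fully (releasing the connection) and fails on non-200 without echoing the body.
    private static String body(HttpResponse resp, String what) throws Exception {
        int status = resp.getStatusLine().getStatusCode();
        String text = EntityUtils.toString(resp.getEntity(), "UTF-8");
        if (status != 200) throw new IllegalStateException(what + " failed: HTTP " + status);
        return text;
    }
}
```

The non-200 path reports only the status code so that token or error response bodies do not end up in application logs.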
