rdhabalia commented on code in PR #16234:
URL: https://github.com/apache/pulsar/pull/16234#discussion_r916343142
##########
pulsar-websocket/src/main/java/org/apache/pulsar/websocket/service/WebSocketProxyConfiguration.java:
##########
@@ -245,6 +245,11 @@ public class WebSocketProxyConfiguration implements
PulsarConfiguration {
)
private Set<String> webServiceTlsCiphers = new TreeSet<>();
+ @FieldContext(
+ doc = "CryptoKeyReader factory classname to support encryption at
websocket."
+ )
+ private String cryptoKeyReaderFactoryClassName;
Review Comment:
Websocket proxy can be used at client side and user would like to take care
entire encryption complexity at websocket. Keys are generally stored into CKMS.
and cryptoKeyReader just utility to read those keys. So, producer provides name
of encryption-key and websocket takes care rest of the complexity.
so, this feature will be useful when single tenant deploys websocket proxy
at client side and avoid any encryption complexity.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
