Spring Vault 2.0.2 已发布,主要包含 bug 修复和依赖更新,以及一些小的改进。
Provide a richer subclass strata of VaultException
Release Spring Vault 2.0.1.RELEASE
Upgrade to Vault 0.10.0
VaultTokenRequest noParent field serializes incorrectly in JSON
ClientHttpRequestFactoryFactory checks for wrong Netty class on path (Spring Data Redis conflict)
Upgrade to Spring Framework 5.0.6
Upgrade to netty 4.1.25.Final
Upgrade to Vault 0.10.3
Issuing PKI certificate with TTL results in Vault error due to number format
Upgrade to Apache HttpClient 4.5.6
Upgrade to HttpCore 4.4.10
Upgrade to Netty 4.1.28.Final
Upgrade to Jackson 2.9.6
Upgrade to AWS SDK 1.11.376
Generate subject alt name in local certificate
Add support for Azure Auth Method
Pretty-print JSON for policy creation
Upgrade to Spring Framework 5.0.8
Fix reference documentation links
Upgrade to netty 4.1.29.Final
Upgrade to AWS SDK 1.11.404
Upgrade to Reactor Bismuth SR11
Upgrade to Spring Framework 5.0.9
Upgrade to Spring Security 5.0.7
Upgrade to Spring Data Kay SR10
Spring Vault 提供熟悉的 Spring 抽象和客户端支持,用于访问,存储和撤销机密。它提供了与 Vault 交互的低级和高级抽象,使用户免于基础设施问题。
<dependencies> <dependency> <groupId>org.springframework.vault</groupId> <artifactId>spring-vault-core</artifactId> <version>2.0.2.RELEASE</version> </dependency> </dependencies>
Hashicorp Vault是一个工具,它为开发人员提供了以安全的方式进行安全的存取,比如API 令牌、SSL 证书和口令。它还处理用户的访问控制,具有撤销令牌的能力。除此之外,它还有审计功能,可以用它来跟踪用户。
想要采用Vault 的Java开发人员通常会面对CLI或API的选择。因此,当从JVM调用Vault时,很可能开发人员会选择API并实现它们自己的客户端类库。Spring Vault让开发人员不必再自己做这件事了,它为此提供了一个开源项目。它还以商业企业Pivotal作为后盾。
尽管它本身不依赖于Spring,但高层设计原则和抽象是类似的,目的是减少为开发人员提供的样板代码。这意味着该框架不仅可被普通Java开发人员采用,更特别适用于Spring开发人员。