Hi, The current implementation of secure vault functionality reside in carbon core component. So to make secure vault functionality available for non OSGI context, It can be separated out this piece of functionality as an OSGI bundle and remove tight coupling in code with OSGI context and users who wants to access non OSGI secure vault can get the separated bundle as a maven dependency. According to the current design there are three main sub components in secure vault.
1. Secret Repository 2. Master Key Reader 3. Secure Vault OSGI service. It can be plugged any secret repository implementation or any master key reader implementation to the code with the current implementation as pointed out in diagram [1]. To expose these functionality via java SPI, it can be loaded secret repository and master key reader implementations to SecureVaultComponent via ServiceLoader class. Custom Secret Repositories and Custom Master key readers will be service providers. Then current SecureVault interface and implementation can be used without any redesign in code. Appreciate your thoughts and concerns on this. [1] SecureVault UML <https://drive.google.com/file/d/0B9KDy4GJKr1vS0NUOG5CRXhpMDg/view?usp=sharing> Thanks, -- Lakshman Udayakantha WSO2 Inc. www.wso2.com lean.enterprise.middleware Mobile: 0717429601
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
