jiazhai commented on a change in pull request #6763: [docs] Fix encryption
examples
URL: https://github.com/apache/pulsar/pull/6763#discussion_r410695622
##########
File path: site2/docs/security-encryption.md
##########
@@ -160,16 +165,15 @@ When producers want to encrypt the messages with
multiple keys, producers add al
If you need to encrypt the messages using 2 keys (myapp.messagekey1 and
myapp.messagekey2), refer to the following example.
```java
-conf.addEncryptionKey("myapp.messagekey1");
-conf.addEncryptionKey("myapp.messagekey2");
+PulsarClient.newProducer().addEncryptionKey("myapp.messagekey1").addEncryptionKey("myapp.messagekey2");
```
## Decrypt encrypted messages at the consumer application
Consumers require access one of the private keys to decrypt messages that the
producer produces. If you want to receive encrypted messages, create a public
or private key and give your public key to the producer application to encrypt
messages using your public key.
## Handle failures
* Producer/ Consumer loses access to the key
- * Producer action fails indicating the cause of the failure. Application has
the option to proceed with sending unencrypted message in such cases. Call
conf.setCryptoFailureAction(ProducerCryptoFailureAction) to control the
producer behavior. The default behavior is to fail the request.
- * If consumption fails due to decryption failure or missing keys in
consumer, application has the option to consume the encrypted message or
discard it. Call conf.setCryptoFailureAction(ConsumerCryptoFailureAction) to
control the consumer behavior. The default behavior is to fail the request.
Application is never able to decrypt the messages if the private key is
permanently lost.
+ * Producer action fails indicating the cause of the failure. Application has
the option to proceed with sending unencrypted message in such cases. Call
PulsarClient.newProducer().cryptoFailureAction(ProducerCryptoFailureAction.SEND)
to control the producer behavior. The default behavior is to fail the request.
+ * If consumption fails due to decryption failure or missing keys in
consumer, application has the option to consume the encrypted message or
discard it. Call
PulsarClient.newConsumer().cryptoFailureAction(ConsumerCryptoFailureAction.DISCARD)
to control the consumer behavior. The default behavior is to fail the request.
Application is never able to decrypt the messages if the private key is
permanently lost.
Review comment:
In above 2 lines `SEND` and `DISCARD` should be removed?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
