简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  Java  >  How to Ignore Sensitive Fields in JSON Responses from Spring MVC?

How to Ignore Sensitive Fields in JSON Responses from Spring MVC?

Barbara Streisand
Barbara StreisandOriginal
2024-10-26 09:40:30691browse

How to Ignore Sensitive Fields in JSON Responses from Spring MVC?

Ignore Sensitive Fields in JSON Responses from Spring MVC

When handling sensitive information in a RESTful API, it's crucial to control which fields of a model object are exposed in JSON responses. In Spring MVC, you can dynamically exclude specific fields while sending an object as JSON.

Model Object Design with Annotation

Configure your Java model class (@Entity) with the @JsonIgnoreProperties(ignoreUnknown = true) annotation. This will ignore any unknown properties when deserializing JSON into the object.

<code class="java">@Entity
@Table(name = "user")
@JsonIgnoreProperties(ignoreUnknown = true)
public class User {
    // ... (Model fields)
}</code>

Controller Method

In the Spring MVC controller, retrieve the user object from the database using a service layer.

<code class="java">@RequestMapping(value = "/getUser/{userId}", method = RequestMethod.GET)
@ResponseBody
public User getUser(@PathVariable Integer userId) throws Exception {
    User user = userService.get(userId);
    return user;
}</code>

Selective Exclusion Using Annotations

To selectively exclude specific fields, annotate the corresponding getter methods with @JsonIgnore. This will ignore these fields during JSON serialization.

<code class="java">@JsonIgnore
public String getEncryptedPwd() {
    return encryptedPwd;
}</code>

Dynamic Exclusion

If the list of fields to be excluded varies based on the user, you can implement a custom solution:

<code class="java">@RequestMapping(value = "/getUser/{userId}", method = RequestMethod.GET)
@ResponseBody
public User getUser(@PathVariable Integer userId, @RequestHeader("username") String username) {
    User user = userService.get(userId);
    
    // Get excluded fields list based on the logged-in user
    List<String> excludedFields = getExcludedFields(username);
    
    // Iterate through the excluded fields and set their values to null
    for (String field : excludedFields) {
        switch (field) {
            case "encryptedPwd":
                user.setEncryptedPwd(null);
                break;
            // ... (Similar logic for other fields)
        }
    }
    
    return user;
}</code>

The above is the detailed content of How to Ignore Sensitive Fields in JSON Responses from Spring MVC?. For more information, please follow other related articles on the PHP Chinese website!

Java mvc spring restful json Object while using class this database
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:How Can I Safely Cast a Long to an Int in Java 8 and Beyond?Next article:How Can I Safely Cast a Long to an Int in Java 8 and Beyond?

Related articles

See more