本文翻译自:Only using @JsonIgnore during serialization, but not deserialization
I have a user object that is sent to and from the server. 我有一个发送到服务器或从服务器发送的用户对象。 When I send out the user object, I don't want to send the hashed password to the client. 发送用户对象时,我不想将哈希密码发送给客户端。 So, I added @JsonIgnore
on the password property, but this also blocks it from being deserialized into the password that makes it hard to sign up users when they ain't got a password. 因此,我在password属性上添加了@JsonIgnore
,但这也阻止了将其反序列化为密码,这使得在没有密码的情况下很难注册用户。
How can I only get @JsonIgnore
to apply to serialization and not deserialization? 我怎样才能只将@JsonIgnore
应用于序列化而不是反序列化? I'm using Spring JSONView, so I don't have a ton of control over the ObjectMapper
. 我正在使用Spring JSONView,所以我对ObjectMapper
的控制不多。
Things I've tried: 我尝试过的事情:
- Add
@JsonIgnore
to the property 将@JsonIgnore
添加到属性 - Add
@JsonIgnore
on the getter method only@JsonIgnore
在getter方法上添加@JsonIgnore
#1楼
参考:https://stackoom.com/question/qT9p/仅在序列化过程中使用-JsonIgnore-而不是反序列化
#2楼
Exactly how to do this depends on the version of Jackson that you're using. 确切的操作方法取决于您使用的Jackson版本。 This changed around version 1.9 , before that, you could do this by adding @JsonIgnore
to the getter. 这在1.9版之前发生了变化,在此之前,您可以通过在getter中添加@JsonIgnore
来实现。
Which you've tried: 您尝试过的:
Add @JsonIgnore on the getter method only 仅在getter方法上添加@JsonIgnore
Do this, and also add a specific @JsonProperty
annotation for your JSON "password" field name to the setter method for the password on your object. 执行此操作, 然后将JSON“密码”字段名称的特定@JsonProperty
批注添加到对象密码的setter方法中。
More recent versions of Jackson have added READ_ONLY
and WRITE_ONLY
annotation arguments for JsonProperty
. 最近杰克逊的版本增加了READ_ONLY
和WRITE_ONLY
注释论据JsonProperty
。 So you could also do something like: 因此,您还可以执行以下操作:
@JsonProperty(access = Access.WRITE_ONLY)
private String password;
Docs can be found here . 可以在这里找到文档。
#3楼
In order to accomplish this, all that we need is two annotations: 为了做到这一点,我们需要的是两个注释:
-
@JsonIgnore
-
@JsonProperty
Use @JsonIgnore
on the class member and its getter, and @JsonProperty
on its setter. 使用@JsonIgnore
类成员和其吸气剂,并在@JsonProperty
它的制定者。 A sample illustration would help to do this: 示例示例将有助于实现此目的:
class User {
// More fields here
@JsonIgnore
private String password;
@JsonIgnore
public String getPassword() {
return password;
}
@JsonProperty
public void setPassword(final String password) {
this.password = password;
}
}
#4楼
In my case, I have Jackson automatically (de)serializing objects that I return from a Spring MVC controller (I am using @RestController with Spring 4.1.6). 就我而言,我让Jackson从Spring MVC控制器返回的对象自动(反序列化)对象(我在Spring 4.1.6中使用@RestController)。 I had to use com.fasterxml.jackson.annotation.JsonIgnore
instead of org.codehaus.jackson.annotate.JsonIgnore
, as otherwise, it simply did nothing. 我不得不使用com.fasterxml.jackson.annotation.JsonIgnore
而不是org.codehaus.jackson.annotate.JsonIgnore
,否则,它什么也没做。
#5楼
Since version 2.6: a more intuitive way is to use the com.fasterxml.jackson.annotation.JsonProperty
annotation on the field: 从2.6版开始:一种更直观的方法是在字段上使用com.fasterxml.jackson.annotation.JsonProperty
批注:
@JsonProperty(access = Access.WRITE_ONLY)
private String myField;
Even if a getter exists, the field value is excluded from serialization. 即使存在吸气剂,该字段值也会从序列化中排除。
JavaDoc says: JavaDoc说:
/**
* Access setting that means that the property may only be written (set)
* for deserialization,
* but will not be read (get) on serialization, that is, the value of the property
* is not included in serialization.
*/
WRITE_ONLY
In case you need it the other way around, just use Access.READ_ONLY
. 万一您需要它,只需使用Access.READ_ONLY
。
#6楼
"user": {
"firstName": "Musa",
"lastName": "Aliyev",
"email": "klaudi2012@gmail.com",
"passwordIn": "98989898", (or encoded version in front if we not using https)
"country": "Azeribaijan",
"phone": "+994707702747"
}
@CrossOrigin(methods=RequestMethod.POST)
@RequestMapping("/public/register")
public @ResponseBody MsgKit registerNewUsert(@RequestBody User u){
root.registerUser(u);
return new MsgKit("registered");
}
@Service
@Transactional
public class RootBsn {
@Autowired UserRepository userRepo;
public void registerUser(User u) throws Exception{
u.setPassword(u.getPasswordIn());
//Generate some salt and setPassword (encoded - salt+password)
User u=userRepo.save(u);
System.out.println("Registration information saved");
}
}
@Entity
@JsonIgnoreProperties({"recordDate","modificationDate","status","createdBy","modifiedBy","salt","password"})
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
private Long id;
private String country;
@Column(name="CREATED_BY")
private String createdBy;
private String email;
@Column(name="FIRST_NAME")
private String firstName;
@Column(name="LAST_LOGIN_DATE")
private Timestamp lastLoginDate;
@Column(name="LAST_NAME")
private String lastName;
@Column(name="MODIFICATION_DATE")
private Timestamp modificationDate;
@Column(name="MODIFIED_BY")
private String modifiedBy;
private String password;
@Transient
private String passwordIn;
private String phone;
@Column(name="RECORD_DATE")
private Timestamp recordDate;
private String salt;
private String status;
@Column(name="USER_STATUS")
private String userStatus;
public User() {
}
// getters and setters
}