use JPA entity mapping while storing the entity but ignore fields or a particular table while reading back

Question

I am using similar code to what is listed in: How to map one class with multiple tables in Hibernate/javax.persistance?

I was trying to write a sample login program, based on above example I map my user class to secondary table where I store password field. now when I retrieve back user entity. I also get secondary table field so password is also available in user object.

Is it possible, that during registration I want to use secondary table storage method but when I read back. it should not return password back with user?

How can I achieve this? I am looking for some JPA way like @transient ignore the particular column.

you are always in control of what is returned from a query, via entity graphs — Neil Stockton, Jan 02 '16 at 10:56

Michele Mariotti · Answer 1 · 2016-01-03T11:38:29.090

I wouldn't go for such implementation.

Best practice is to never store a clear-text password, but a digest instead:

@Entity
public class Account
{
    @Column
    private String username;

    @Column(length = 32)
    private String password;

    public String getUsername()
    {
        return username;
    }

    public void setUsername(String username)
    {
        this.username = username;
    }

    public String getPassword()
    {
        return password;
    }

    public void setPassword(String password)
    {
        this.password = DigestUtils.md5Hex(password);
    }
}

It's an uncommon requirement, and JPA patterns will do their best to fight against you :)

But... some way may still be possible:

using Entity Listeners:

@Entity
public class Account
{
    @Column
    private String username;

    @Column
    private String password;

    @PostLoad
    public void postLoad()
    {
        password = null;
    }
}

be careful: when loaded inside a transaction, a null password may be eventually flushed on commit.

removing getter for password:
if you put annotations only on fields, you can remove getPassword() method. Even if the field is populated on load, it's not accessible by external java code.

using a @Transient combination:

@Entity
public class Account
{
    @Column
    private String username;

    @Column
    private String password;

    @Transient
    private String password2;

    public String getPassword()
    {
        return password2;
    }

    public void setPassword(String password)
    {
        this.password = password;
        this.password2 = password;
    }
}

Thankyou for answer, I am encrypting password in my dao layer. I want to do something where I read enttity and associated password field should be null. I am getting encrypted password curreently. I have choice I can manually make it null but is there any mechanism by which we can stop reading the field at JPA layer itself. Could be a stupid question, but just asking? — Ron Zoosk, Jan 02 '16 at 16:25
Thankyou dear, I didnot tried it but I think it makes sense. HNY to you. — Ron Zoosk, Jan 06 '16 at 02:32

use JPA entity mapping while storing the entity but ignore fields or a particular table while reading back

1 Answers1