1

I'm wondering whether it is possible to add additional functionality to the @Column annotation in JPA. Specifically, what I would like to do is tag columns of sensitive data with an @ProtectedColumn annotation: this would then tell the persistence framework to apply some type of data protection (encryption, tokenization, whatever...) to the values when storing them into the actual data store, and then reverse that process when reading the values from the data store.

So I might have a Customer class that included this code:

@Column(value="Name")
private String name;

@ProtectedColumn(value="CreditCardNumber", protectionType="ultra")
private String creditCardNumber;

Instead of storing the actual credit card number, this would then store the result of protecting the credit card number with the protection type "ultra" (whatever that may be).

Obviously, I don't want to re-implement all the database access functionality already present in the @Column annotation: I just want to extend its functionality. I know that annotations are not directly extensible (see Why is not possible to extend annotations in Java?), but it seems to me that it might be possible to intercept the value before it gets to the @Column annotation, so perhaps the field definition looks like this:

@Protected(protectionType="ultra")
@Column(value="CreditCardNumber")
private String creditCardNumber;

So my first question is whether this is even theoretically possible: if so, I'd appreciate any pointers on how to combine/extend annotations in this way.

Community
  • 1
  • 1
Dave Mulligan
  • 1,623
  • 3
  • 19
  • 31
  • Since the persistence framework would need to know about YOUR annotations then you can safely conclude that NO it is not possible (without using JPA provider specifics). – Neil Stockton Apr 26 '17 at 08:11
  • 1
    What about using a JPA Converter? http://www.thoughts-on-java.org/jpa-21-how-to-implement-type-converter/ – Alan Hay Apr 26 '17 at 08:15
  • @AlanHay: perfect. I didn't know JPA Converters existed. If you'd puth this as an answer instead of a comment, you would have got the rep bump :-( Instead you're left with just my gratitude. – Dave Mulligan Apr 26 '17 at 08:36
  • @DaveMulligan You can check my answer for an appropriate solution. – cнŝdk Apr 26 '17 at 13:15

2 Answers2

1

You can use a converter. For example you can implement a Converter like he did: use converter He uses xml configuration. If you want to use annotations, just have a look at these two java classes in this git repository:jpa converter with annotation Therefore you can use the annotation @Convert(converter = JPACryptoConverter.class) (Given that JPACryptoConverter is a child of AttributeConverter).

Noixes
  • 1,158
  • 12
  • 25
0

Well short answer is No you can't simply extend the @Column annotation in Hibernate by adding a protection option to it but to provide a complete answer you can surely combine it with other annotations, to protect/encrypt a column in Hibernate you have two possible options:

Useful links:

For further reading about these two options you can check the following Thoughts On Java's tutorials:

  1. How to map encrypted database columns with Hibernate’s @ColumnTransformer annotation.
  2. How to implement a JPA Attribute Converter.

You can also check this answer to see how can you implement a custom Column Transformer.

A third option is to use Jasypth Integration library with Hibernate, you can read more about it in Integrating Jasypt with Hibernate 3.x or 4.x.

Community
  • 1
  • 1
cнŝdk
  • 31,391
  • 7
  • 56
  • 78