How do I know what implementation of jaxrs I am using?

Question

I have a Java 1.7 starts application. It does have some RESTful api's.

I would like to add @JsonIgnore to a filed so that it is not returned in the api.

E.g.

Member.java

import com.fasterxml.jackson.annotation.JsonIgnore;
    
private java.lang.String username;
@JsonIgnore
private java.lang.String password;

Does not ignore the password.

"member": {
    "password": "**************",
    "username": "richard"
}

I think the reason why @JsonIgnore does not work, is because I use com.fasterxml.jackson.annotation.JsonIgnore. Should I use a different annotation from a different library? i.e. Is my implementation of jaxrs maybe not com.fasterxml.jackson? How do I tell?

The IntelliJ classpath has:

(I have tried net.minidev.json.annotate.JsonIgnore with no success)

More info:

pom.xml

<dependency>
    <groupId>net.minidev</groupId>
    <artifactId>json-smart</artifactId>
    <version>2.3</version>
</dependency>

and

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-databind</artifactId>
    <version>2.11.2</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-annotations</artifactId>
    <version>2.11.2</version>
</dependency>

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-core</artifactId>
    <version>2.11.2</version>
</dependency>

Is this the problem? two versions! I am not sure where the 2.0.5 version comes from, as it is not defined in the pom.

Maybe add the annotation to either the accessor (get) or mutator (set) method, but not both. I suggest the getter for readability. — Mr. Polywhirl, Aug 13 '20 at 13:49
@Mr.Polywhirl thanks for the reply. I have tried adding it to the getter, with no joy. — Richard, Aug 13 '20 at 13:50
Take a look here: [Only using @JsonIgnore during serialization, but not deserialization](https://stackoverflow.com/a/12505165/1762224) or [here](https://stackoverflow.com/a/27386343/1762224) for more advice. — Mr. Polywhirl, Aug 13 '20 at 13:50
Thanks. I try `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)`, but it doesn't compile: `Cannot resolve symbol 'Access'`. — Richard, Aug 13 '20 at 14:01
I think this is because it does not exist in version `2.0.5`. — Richard, Aug 13 '20 at 14:07
Take a look at the second one. It suggests using both `@JsonIgnore` and `@JsonProperty` in tandem. — Mr. Polywhirl, Aug 13 '20 at 14:08
@Mr.Polywhirl unfortunately using both `@JsonIgnore` and `@JsonProperty` in tandem does not work either, I still get the `password` in the json. — Richard, Aug 13 '20 at 14:11
I think the reason is because it is using `2.0.5` to do the ignore, but jaxrs is using `2.11.2` to build the json. I just don't know why there is a version `2.0.5` as it's not in any pom. edit: there included projects that use `2.0.5`. — Richard, Aug 13 '20 at 14:13
What server are you using? There are no guarantees that the jax-rs provider is using Jackson (though very likely it must be). Jersey does use Jackson, though, so this should be working. One thing I would try is package `org.codehaus.jackson.annotate.JsonIgnore`. This is the package name Jackson used a long time ago before they moved to the package you are using. Doesn't hurt to try... — Marcio Lucca, Aug 13 '20 at 14:16
@MarcioLucca thanks for the reply. I am using `jboss-as-7.0.2.Final`. I do not have `org.codehaus.jackson.annotate.JsonIgnore` in my classpath though. — Richard, Aug 13 '20 at 14:18
If I change all my dependencies to `2.0.5`. I get the following exception when jaxrs tries to build the json: `java.lang.NoSuchMethodError: com.fasterxml.jackson.databind.ObjectMapper` — Richard, Aug 13 '20 at 14:20

score 1 · Accepted Answer · answered Aug 13 '20 at 14:01

1

You don't need a @JsonIgnore in this case. You can simply omit the variable that you don't want deserialized(the password in this case) and jackson will just return you the username.

answered Aug 13 '20 at 14:01

Daniel Jacob

1,455
9
17

I don't want to omit `password`, because this is an entity used by Hibernate and it writes `password`. I just want to ignore it when I read it. – Richard Aug 13 '20 at 14:02
2

@Richard Then I suggest not mixing domain entities (ORM) with data translation units (DTO or POJO) objects. Map your database object to a DTO and exclude the password entirely. – Mr. Polywhirl Aug 13 '20 at 14:20
@Mr.Polywhirl - you are correct. I should not be using the entity. – Richard Aug 13 '20 at 14:22
Thinking about this again, maybe the annotations did not work because JPA/Hibernate do not return the actual classes you create, they will return proxies to your classes. So maybe the proxy classes will not be annotated the same way as the actual classes. Just a theory. It would be interesting to do a unit test to try to explicitly JSON serialize entities returned from the database using Jackson, to see if Jackson can pick up the annotations. – Marcio Lucca Aug 13 '20 at 15:39

How do I know what implementation of jaxrs I am using?

Member.java

pom.xml

1 Answers1