Menu
Currently I'm learning the Spring framework, mainly focusing on it's Security Module. I've watched some guides in connection with registration and login. I saw this common usage of transient keyword or @Transient annotation on the password field in the User class.
My dummy app is using Spring Boot + Spring MVC + Spring Security + MySQL.
I know that
Java's transient keyword is used to denote that a field is not to be serialized.
JPA's @Transient annotation...
...specifies that the property or field is not persistent. It is used to annotate a property or field of an entity class, mapped superclass, or embeddable class.
and the org.springframework.data.annotation's @Transient annotation...
Marks a field to be transient for the mapping framework. Thus the property will not be persisted and not further inspected by the mapping framework.
In my MySQL db I have my spring_demo schema which has 3 tables:
+-----------------------+ | Tables_in_spring_demo | +-----------------------+ | role | | user | | user_role | +-----------------------+ When I'm using the transient keyword on the password field int the User class, it would not be stored in the MySQL db. (example: test01)
mysql> select * from user; +----+--------+------------------+----------+ | id | active | email | username | +----+--------+------------------+----------+ | 1 | 1 | [email protected] | test01 | +----+--------+------------------+----------+ 1 row in set (0,00 sec) When I'm using the javax.persistence @Transient annotation on the password field in the User class, it also would not be stored in the MySQL db. (example: test02)
But... when I'm using the org.springframework.data.annotation @Transient annotation on the password field in the User class it does stored in the MySQL db. (example: test03) Why is that?
mysql> select * from user; +----+--------+------------------+----------+--------------------------------------------------------------+ | id | active | email | username | password | +----+--------+------------------+----------+--------------------------------------------------------------+ | 1 | 1 | [email protected] | test02 | | | 2 | 1 | [email protected] | test03 | $2a$10$UbvmdhfcKxSNr/I4CjOLtOkKGX/j4/xQfFrv3FizxwEVk6D9sAoO | +----+--------+------------------+----------+--------------------------------------------------------------+ 2 rows in set (0,00 sec) My main questions are, when I'm using the spring.data based @Transient annotation the password field has persisted. Why? And why should I use any @Transient annotation on a password field?
Thank you for your guidance and help in advance!
600
Java's transient keyword is used to denote that a field is not to be serialized, whereas JPA's @Transient annotation is used to indicate that a field is not to be persisted in the database, i.e. their semantics are different.
What is @Transient annotation in Spring? @Transient annotation is used to mark a field to be transient for the mapping framework, which means the field marked with @Transient is ignored by mapping framework and the field not mapped to any database column (in RDBMS) or Document property (in NOSQL).
Hibernate defines and supports the following object states: Transient - an object is transient if it has just been instantiated using the new operator, and it is not associated with a Hibernate Session . It has no persistent representation in the database and no identifier value has been assigned.
To exclude the id attribute, the @MapsId annotation will tell Hibernate that the post association takes care of the table Primary Key column value. So, when the entity identifier and an association share the same column, you can use @MapsId to ignore the entity identifier attribute and use the association instead.
Within the Spring Framework you can use Mapping Framework to convert from one form to another. Say for example your spring java server side application needs send to user information to a client (webpage,mobile app) in JSON format.
@Entity public class User { @Id private long id; @Column(name = "username") private String username; @Column(name = "email") private String email; @Column(name = "password") private String password; } Now to map this java entity object to JSON format you can either use a mapping framework (e.g jackson: com.fasterxml.jackson.databind.ObjectMapper) or do it manually.
The JSON format output that you would get when to convert user 2 object to JSON is:
{ "id": 2, "email": "[email protected]", "username": "test03", "password": "$2a$10$UbvmdhfcKxSNr/I4CjOLtOkKGX/j4/xQfFrv3FizxwEVk6D9sAoO" } Now if you added :
@org.springframework.data.annotation.Transient @Column(name = "password") private String password; and then used the Mapping Framework to again generate the JSON for the user 2 entity you would get:
{ "id": 2, "email": "[email protected]", "username": "test03", } Note the password field is missing from you JSON output. Thats because @org.springframework.data.annotation.Transient specifically states to the spring framework that the Object Mapper you are using should not include this value when converting from Java Object to JSON.
Also note if you attempted to persist the above entity into the database, it would still save it to the database because @org.springframework.data.annotation.Transient only applys to Object mapping frameworks not JPA.
So to recap:
transientis for all serializations (over the wire, saving to disk, saving to db)javax.persistence.Transientis specifically for JPA DB serialization@org.springframework.data.annotation.Transientis for ObjectMapping Framework serializations used within Spring
53
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
