I'm working in a smartgwt project that uses Hibernate.
I have a User entity with his DataSource and the DataSource is configured to know about the entity. So anytime I use the DataSource to load Users in the client, the the DataSource uses Hibernate to serialize the Users entities he founds. My problem is that the records I get in the client has a password attribute... of course the password should never be sent to the client!
I'm thinking on 2 solutions but until now I could not solve my problem successfully.
1 - I guess it would be possible to configure the Hibernate entity to not serialize the password property but I did not found how.
2 - I also guess that has to be possible to configure the DataSource to ignore that field but no idea how.
There are few ways to do that:
@Transient
private String password;
Mark your field with @Transient annotation or:
private transient String password;
These won't allow hibernate either to persist or serialize the object.
The problem is that probably you need the password to be persisted but not serialized when reading. In this case I would create a new POJO entity of the user which doesn't have the password and copy other values to it or just simply write the JPQL query to get necessary fields and exclude the password.