Home RESTful API hiding hibernate id and version
Reply: 0

RESTful API hiding hibernate id and version

user802
1#
user802 Published in June 20, 2018, 7:33 am

Let's say I have a User entity with an id and a version managed by hibernate, plus a firstname and a lastname.

I want to have CRUD operations on User instances with a RESTful API but I don't want the client to get the user's id and version stored in the database.

A simplistic solution I can think of is to send a representation of the user with modified id and version and to map the "public" values with the database values in a HashMap that lives in the server's memory. I also though of cookies, but I don't think it's a secure solution as they can be hacked by the client. AFAIK, a pure RESTful API must not handle session state on the server.

Is there a secure, scalable and RESTful way to publish resources without exposing their real ids and versions ?

You need to login account before you can post.

About| Privacy statement| Terms of Service| Advertising| Contact us| Help| Sitemap|
Processed in 0.306071 second(s) , Gzip On .

© 2016 Powered by mzan.com design MATCHINFO