How to hide some json in response?

Question

I have a module which is based on spring-data-rest. I get this response, for instance, for @Entity User.

url:

http://localhost:8080/Product/rest/users

response below (main thing that there is a password there):

 {
      "_embedded" : {
        "users" : [ {
          "def" : "dmityushin",
          "delDate" : null,
          "displayDef" : "Митюшин Дмитрий Александрович",
          "email" : "[email protected]",
          "naviDate" : "2015-10-21T12:54:08.559+0000",
          "naviUser" : "admin",
          "phone" : null,
          "pwd" : "266810e0707d7aeb8e838308aa248f3ea116e483",
          "_links" : {
            "self" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/308"
            },
            "user" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/308"
            },
            "pscUser" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/308/pscUser"
            },
            "pscBranch" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/308/pscBranch"
            }
          }
        }, {
          "def" : "grak",
          "delDate" : null,
          "displayDef" : "Григорий Рак",
          "email" : "[email protected]",
          "naviDate" : "2015-10-23T11:59:19.546+0000",
          "naviUser" : "admin",
          "phone" : null,
          "pwd" : "c7f33616778ba938272eac0ca0a3364bfc17203d",
          "_links" : {
            "self" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/316"
            },
            "user" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/316"
            },
            "pscUser" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/316/pscUser"
            },
            "pscBranch" : {
              "href" : "http://localhost:8080/ProductCatalog/rest/2/users/316/pscBranch"
            }
          }
        }...OTHERS 

I want to hide password and some others fields. How can I do this? I've not found enough information about it. Though it looks like that it should be simple.

code of my Entity:

@XmlRootElement
@XmlAccessorType(value = XmlAccessType.FIELD)
@Entity
@Table(name = "psc_users")
@NamedQuery(name = "User.findAll", query = "SELECT u FROM User u")
public class User implements Serializable {
    private static final long serialVersionUID = 8885916014620036457L;

    @Id
    private static final String SEQUENCE_NAME = "psc_users_user_id_seq";
    @Id
    @GeneratedValue(...)
    @GenericGenerator(...)
    @Column(name = "USER_ID")
    private Long userId;

    @Column(name = "DEF")
    private String def;

    @Temporal(TemporalType.TIMESTAMP)
    @Column(name = "DEL_DATE")
    private Date delDate;

    @Column(name = "DISPLAY_DEF", length = 60)
    private String displayDef;

    @Column(name = "EMAIL", length = 60)
    private String email;

    @Temporal(TemporalType.TIMESTAMP)
    @Column(name = "NAVI_DATE")
    private Date naviDate;

    @Column(name = "NAVI_USER")
    private String naviUser;

    @Column(name = "PHONE", length = 30)
    private String phone;

    @Column(name = "PWD", length = 40)
    private String pwd;

    //bi-directional many-to-one association to Branch
    @ManyToOne(cascade = CascadeType.MERGE)
    @JoinColumn(name = "BRNC_BRNC_ID", nullable = false)
    private Branch pscBranch;

    ...some other fields

    public User() {
    }

    ...get() methods

}

Sorry for my bad english and thanks in advance(:

Answer 1

To hide some fields you can use @JsonIgnore on the getter of the field that you want to hide but don't forget to add @JsonSetter on the setter of that field