@JsonIgnoreProperties(ignoreUnknown=false) is not working with spring 4.2.0 and upper version of spring. But it is working with 4.0.4 and 4.0.1 .
I am using spring 4.2.8 and Jackson dependencies are used
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.6.3</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>2.6.3</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.6.3</version>
</dependency>
If I send json request with invalid fields then it is accepting as a valid request. But it should give the bad request as response.
For example: If I have class
public class Student{
private String id;
private String name;
}
If send valid corresponding json request it should be like
{
"id": "123",
"name": "test"
}
But even if I send json request with invalid fields like below it is still accepting.
{
"id": "123",
"name": "test",
"anyinvalidkey": "test"
}
But it should give the bad request as response
An annotation based solution to the based on the answer from Aarya can done in the following way:
@Configuration
public class Config implements InitializingBean {
@Autowired
private RequestMappingHandlerAdapter converter;
@Override
public void afterPropertiesSet() throws Exception {
configureJacksonToFailOnUnknownProperties();
}
private void configureJacksonToFailOnUnknownProperties() {
MappingJackson2HttpMessageConverter httpMessageConverter = converter.getMessageConverters().stream()
.filter(mc -> mc.getClass().equals(MappingJackson2HttpMessageConverter.class))
.map(mc -> (MappingJackson2HttpMessageConverter)mc)
.findFirst()
.get();
httpMessageConverter.getObjectMapper().enable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
}
}
Easy annotation driven solution. In a @Configuration:
@Bean
@Primary
public ObjectMapper objectMapper(Jackson2ObjectMapperBuilder builder) {
ObjectMapper objectMapper = builder.createXmlMapper(false).build();
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);
return objectMapper;
}
This is happening because the HttpMessageConverter
provided by the earlier versions of spring were using ObjectMapper
default configuration. But the newer versions of spring use Jackson2ObjectMapperBulider
which has DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES
property set to false by default. (Reference link). You can solve this issue by adding the following in your applicationContext.xml:
<bean id="jacksonObjectMapper" class="com.fasterxml.jackson.databind.ObjectMapper" />
<mvc:annotation-driven
content-negotiation-manager="contentNegotiationManager">
<mvc:message-converters>
<bean
class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="objectMapper" ref="jacksonObjectMapper" />
</bean>
</mvc:message-converters>
</mvc:annotation-driven>
<bean id="contentNegotiationManager"
class="org.springframework.web.accept.ContentNegotiationManagerFactoryBean">
<property name="favorPathExtension" value="false" />
<property name="mediaTypes">
<value>
json=application/json
</value>
</property>
</bean>
@Aarya's answer did not work for me right out of box, but gave me a great hint to look around. So this is what works for me. Given that my Spring is 4.3.12.RELEASE and jackson is 2.9.2
<mvc:annotation-driven>
<mvc:message-converters>
<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="objectMapper">
<bean class="com.fasterxml.jackson.databind.ObjectMapper" />
</property>
</bean>
</mvc:message-converters>
</mvc:annotation-driven>