Version
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
'%3e%3cpath%20d='m7.15%205.779.281.877c-.001.502.003.991.124%201.48l.116-.082.229-1.265c.723%201.422%202.78%203.325%202.53%205.008-.022.154-.082.3-.158.435.349-.014.375-.38.578-.56.187%201.005.17%201.975-.22%202.932l1.428%203.159c-.007.07-.626.285-.744.226-.087-.044-.629-1.506-.742-1.754-.103-.224-.457-1.044-.592-1.165-.592-.534-2.033-.183-2.773-.256l.488-.115.148-.109c-.68-.08-1.363-.34-1.85-.815.531.046%201.052.121%201.592.087.1-.006.378-.02.432-.114-1.338-.016-2.398-.569-3.16-1.62-1.03-1.422-1.646-3.215-2.658-4.662-.203-.289-.474-.68-.776-.847-.015-.092.076-.054.137-.049.375.034.778.157%201.148.234l1.26.462c-.404-.737-1.332-.637-1.984-.994-.759-.416-1.2-1.386-1.487-2.149-.258-.68-.536-1.495-.492-2.217.282.262.529.573.896.73.087-.102-.838-1.102-.867-1.323C-.051.673.656-.051%201.328.003c1.128.09%202.44%201.953%202.87%202.886.074.069.145-.23.149-.25.029-.154.01-.306.054-.452.67.932%201.64%201.722%202.122%202.768l.626%201.778V5.78Z'/%3e%3cpath%20d='m10.851%206.733.626-1.778c.483-1.047%201.451-1.836%202.122-2.769.045.147.025.299.054.452.005.021.075.32.149.25.43-.932%201.742-2.796%202.87-2.885.672-.054%201.38.67%201.294%201.31-.03.22-.954%201.221-.867%201.322.367-.156.614-.467.896-.729.044.722-.234%201.536-.49%202.218-.288.763-.73%201.733-1.488%202.149-.652.356-1.58.256-1.984.993l1.26-.461c.37-.077.772-.2%201.148-.234.06-.006.152-.044.136.049-.301.166-.573.557-.775.847-.794%201.135-1.347%202.488-2.049%203.68-.635%201.081-1.285%202.087-2.613%202.432.148-.768.005-1.562-.173-2.316l-.32-.092c-.219-1.088-.84-2.001-1.466-2.908l.919-1.475.229%201.265.116.082c.12-.489.125-.979.123-1.48l.283-.877v.955ZM8.017%2014.984c-.238.57-.531%201.119-.78%201.686-.089.204-.446%201.24-.518%201.295-.145.114-.622-.087-.777-.2l1.207-2.78h.868ZM12.008%2013.75c-.059.174-.949.7-1.04.617l.12-.5.92-.117Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h18v18H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
docs
reference
advanced-integration.mdcaching.mdconditional-endpoints.mdconfiguration.mdcsrf-protection.mddate-formatting.mdexception-mapping.mdfilters.mdjackson-integration.mdkotlin-serialization.mdmultipart.mdparameter-binding.mdqute-templates.mdresource-utilities.mdresponse-handling.mdrest-client.mdrest-links.mdstreaming.md
tessl/maven-io-quarkus--quarkus-resteasy-reactive
tessl install tessl/maven-io-quarkus--quarkus-resteasy-reactive@3.15.0A Jakarta REST implementation utilizing build time processing and Vert.x for high-performance REST endpoints with reactive capabilities in cloud-native environments.
jackson-integration.mddocs/reference/
Jackson Integration
Quarkus REST provides deep Jackson integration for JSON serialization and deserialization, including method-level customization, security-aware field filtering, and custom ObjectMapper configuration.
Import
import io.quarkus.resteasy.reactive.jackson.CustomSerialization;
import io.quarkus.resteasy.reactive.jackson.CustomDeserialization;
import io.quarkus.resteasy.reactive.jackson.SecureField;
import io.quarkus.resteasy.reactive.jackson.EnableSecureSerialization;
import io.quarkus.resteasy.reactive.jackson.DisableSecureSerialization;
import io.quarkus.rest.client.reactive.jackson.ClientObjectMapper;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.ObjectWriter;
import com.fasterxml.jackson.databind.ObjectReader;
import java.util.function.BiFunction;
import java.lang.reflect.Type;Annotations
@CustomSerialization
Provides method-level custom Jackson serialization by specifying a function that creates an ObjectWriter.
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface CustomSerialization {
/**
* BiFunction that takes ObjectMapper and Type, returns ObjectWriter
*/
Class<? extends BiFunction<ObjectMapper, Type, ObjectWriter>> value();
}@CustomDeserialization
Provides method-level custom Jackson deserialization by specifying a function that creates an ObjectReader.
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface CustomDeserialization {
/**
* BiFunction that takes ObjectMapper and Type, returns ObjectReader
*/
Class<? extends BiFunction<ObjectMapper, Type, ObjectReader>> value();
}@SecureField
Marks fields for role-based serialization filtering.
@Target(ElementType.FIELD)
@Retention(RetentionPolicy.RUNTIME)
public @interface SecureField {
/**
* Roles allowed to see this field
*/
String[] rolesAllowed();
}@EnableSecureSerialization
Enables secure serialization for a resource method or class.
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface EnableSecureSerialization {
}@DisableSecureSerialization
Disables secure serialization for a resource method or class.
@Target({ElementType.TYPE, ElementType.METHOD})
@Retention(RetentionPolicy.RUNTIME)
public @interface DisableSecureSerialization {
}@ClientObjectMapper (REST Client)
Registers a custom ObjectMapper provider for REST Client.
@Target(ElementType.TYPE)
@Retention(RetentionPolicy.RUNTIME)
public @interface ClientObjectMapper {
}Custom Serialization
Basic Custom Serialization
public class CustomUserWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
return mapper.writerWithView(PublicView.class);
}
}
@GET
@Path("/users/{id}")
@CustomSerialization(CustomUserWriter.class)
public User getUser(@RestPath String id) {
return userService.findById(id);
}JSON Views
public class Views {
public static class Public {}
public static class Internal extends Public {}
public static class Admin extends Internal {}
}
public class User {
@JsonView(Views.Public.class)
private String name;
@JsonView(Views.Internal.class)
private String email;
@JsonView(Views.Admin.class)
private String ssn;
}
public class PublicViewWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
return mapper.writerWithView(Views.Public.class);
}
}
public class AdminViewWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
return mapper.writerWithView(Views.Admin.class);
}
}
@Path("/users")
public class UserResource {
@GET
@Path("/{id}")
@CustomSerialization(PublicViewWriter.class)
public User getPublicUser(@RestPath String id) {
return userService.findById(id);
// Returns: { "name": "John" }
}
@GET
@Path("/{id}/admin")
@CustomSerialization(AdminViewWriter.class)
public User getAdminUser(@RestPath String id) {
return userService.findById(id);
// Returns: { "name": "John", "email": "john@example.com", "ssn": "123-45-6789" }
}
}Custom Filters
public class SensitiveDataWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
SimpleFilterProvider filters = new SimpleFilterProvider();
filters.addFilter("sensitiveFilter",
SimpleBeanPropertyFilter.serializeAllExcept("password", "token"));
return mapper.writer(filters);
}
}
@JsonFilter("sensitiveFilter")
public class Account {
private String username;
private String password; // Filtered out
private String token; // Filtered out
private String email;
}
@GET
@Path("/account")
@CustomSerialization(SensitiveDataWriter.class)
public Account getAccount() {
return accountService.getCurrentAccount();
}Custom Deserialization
Basic Custom Deserialization
public class StrictUserReader implements BiFunction<ObjectMapper, Type, ObjectReader> {
@Override
public ObjectReader apply(ObjectMapper mapper, Type type) {
return mapper.reader()
.without(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES)
.forType(mapper.constructType(type));
}
}
@POST
@Path("/users")
@CustomDeserialization(StrictUserReader.class)
public User createUser(User user) {
return userService.create(user);
}Custom Date Handling
public class CustomDateReader implements BiFunction<ObjectMapper, Type, ObjectReader> {
@Override
public ObjectReader apply(ObjectMapper mapper, Type type) {
ObjectMapper customMapper = mapper.copy();
customMapper.setDateFormat(new SimpleDateFormat("yyyy-MM-dd"));
return customMapper.readerFor(mapper.constructType(type));
}
}
@POST
@Path("/events")
@CustomDeserialization(CustomDateReader.class)
public Event createEvent(Event event) {
return eventService.create(event);
}Polymorphic Deserialization
public class PolymorphicReader implements BiFunction<ObjectMapper, Type, ObjectReader> {
@Override
public ObjectReader apply(ObjectMapper mapper, Type type) {
return mapper.readerFor(mapper.constructType(type))
.without(DeserializationFeature.FAIL_ON_INVALID_SUBTYPE);
}
}
@JsonTypeInfo(use = JsonTypeInfo.Id.NAME, property = "type")
@JsonSubTypes({
@JsonSubTypes.Type(value = Dog.class, name = "dog"),
@JsonSubTypes.Type(value = Cat.class, name = "cat")
})
public abstract class Animal {
private String name;
}
@POST
@Path("/animals")
@CustomDeserialization(PolymorphicReader.class)
public Animal createAnimal(Animal animal) {
return animalService.create(animal);
}Secure Field Serialization
Basic Secure Fields
@EnableSecureSerialization
public class User {
private String name;
@SecureField(rolesAllowed = {"ADMIN"})
private String email;
@SecureField(rolesAllowed = {"ADMIN", "MANAGER"})
private String phone;
@SecureField(rolesAllowed = {"ADMIN"})
private String ssn;
}
@GET
@Path("/users/{id}")
public User getUser(@RestPath String id) {
// Returns different fields based on user's roles
// Regular user: { "name": "John" }
// Manager: { "name": "John", "phone": "555-1234" }
// Admin: { "name": "John", "email": "john@example.com", "phone": "555-1234", "ssn": "123-45-6789" }
return userService.findById(id);
}Class-Level Secure Serialization
@EnableSecureSerialization
@Path("/users")
public class UserResource {
@GET
@Path("/{id}")
public User getUser(@RestPath String id) {
// Secure serialization enabled for this method
return userService.findById(id);
}
@GET
@Path("/{id}/public")
@DisableSecureSerialization
public User getPublicUser(@RestPath String id) {
// Secure serialization disabled for this method
return userService.findById(id);
}
}Multiple Role Requirements
public class Account {
private String id;
private String username;
@SecureField(rolesAllowed = {"ADMIN"})
private String password;
@SecureField(rolesAllowed = {"ADMIN", "AUDITOR"})
private List<Transaction> transactions;
@SecureField(rolesAllowed = {"ADMIN", "SUPPORT"})
private String internalNotes;
}Nested Secure Fields
@EnableSecureSerialization
public class Order {
private String orderId;
private User user; // User also has @SecureField annotations
private List<Item> items;
@SecureField(rolesAllowed = {"ADMIN", "FINANCE"})
private BigDecimal totalCost;
@SecureField(rolesAllowed = {"ADMIN"})
private String internalNotes;
}
@EnableSecureSerialization
public class User {
private String name;
@SecureField(rolesAllowed = {"ADMIN"})
private String email;
}Client ObjectMapper
Custom Client ObjectMapper
@ClientObjectMapper
public static class CustomObjectMapperProvider implements ObjectMapperCustomizer {
@Override
public void customize(ObjectMapper objectMapper) {
objectMapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
objectMapper.registerModule(new JavaTimeModule());
}
}
@Path("/api")
@RegisterRestClient
@RegisterProvider(CustomObjectMapperProvider.class)
public interface ApiClient {
@GET
@Path("/data")
Uni<Data> getData();
}Per-Client Customization
@ClientObjectMapper
public static class StrictMapper implements ObjectMapperCustomizer {
@Override
public void customize(ObjectMapper objectMapper) {
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);
objectMapper.configure(DeserializationFeature.FAIL_ON_NULL_FOR_PRIMITIVES, true);
}
}
@Path("/api")
@RegisterRestClient(configKey = "strict-api")
@RegisterProvider(StrictMapper.class)
public interface StrictApiClient {
@GET
Uni<Data> getData();
}Combining Annotations
Custom Serialization with Secure Fields
public class SecureViewWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
return mapper.writerWithView(Views.Secure.class);
}
}
@EnableSecureSerialization
public class SensitiveData {
@JsonView(Views.Secure.class)
private String publicInfo;
@JsonView(Views.Secure.class)
@SecureField(rolesAllowed = {"ADMIN"})
private String adminOnlyInfo;
@SecureField(rolesAllowed = {"ADMIN"})
private String adminOnlySecret;
}
@GET
@Path("/data")
@CustomSerialization(SecureViewWriter.class)
public SensitiveData getData() {
// Combines JSON views with secure field filtering
return dataService.getSensitiveData();
}Error Handling
Deserialization Errors
public class TolerantReader implements BiFunction<ObjectMapper, Type, ObjectReader> {
@Override
public ObjectReader apply(ObjectMapper mapper, Type type) {
return mapper.reader()
.without(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES)
.without(DeserializationFeature.FAIL_ON_IGNORED_PROPERTIES)
.without(DeserializationFeature.FAIL_ON_NULL_FOR_PRIMITIVES)
.forType(mapper.constructType(type));
}
}
@POST
@Path("/data")
@CustomDeserialization(TolerantReader.class)
public Data createData(Data data) {
// Ignores unknown fields and null values
return dataService.create(data);
}Validation
public class ValidatingReader implements BiFunction<ObjectMapper, Type, ObjectReader> {
@Override
public ObjectReader apply(ObjectMapper mapper, Type type) {
return mapper.reader()
.with(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES)
.with(DeserializationFeature.FAIL_ON_NULL_FOR_PRIMITIVES)
.with(DeserializationFeature.FAIL_ON_MISSING_CREATOR_PROPERTIES)
.forType(mapper.constructType(type));
}
}
@POST
@Path("/strict")
@CustomDeserialization(ValidatingReader.class)
public Data createStrict(Data data) {
// Strict validation during deserialization
return dataService.create(data);
}Best Practices
Use Views for Public APIs
// Define clear view hierarchies
public class Views {
public static class Public {}
public static class Internal extends Public {}
}
// Apply views consistently
@CustomSerialization(PublicViewWriter.class)
public User getPublicProfile();Secure Fields for Sensitive Data
// Always use @EnableSecureSerialization with @SecureField
@EnableSecureSerialization
public class User {
@SecureField(rolesAllowed = {"ADMIN"})
private String ssn;
}Combine with Bean Validation
public class CreateUserRequest {
@NotBlank
@Size(min = 3, max = 50)
private String username;
@NotBlank
@Email
private String email;
}
@POST
@Path("/users")
@CustomDeserialization(StrictReader.class)
public User createUser(@Valid CreateUserRequest request) {
// Combines JSON validation with Bean Validation
return userService.create(request);
}Cache ObjectWriter/ObjectReader
public class CachedWriter implements BiFunction<ObjectMapper, Type, ObjectWriter> {
private static final Map<Type, ObjectWriter> cache = new ConcurrentHashMap<>();
@Override
public ObjectWriter apply(ObjectMapper mapper, Type type) {
return cache.computeIfAbsent(type,
t -> mapper.writerWithView(Views.Public.class));
}
}Configuration
Configure Jackson globally via application.properties:
# Include properties
quarkus.jackson.serialization-inclusion=non_null
# Date format
quarkus.jackson.date-format=yyyy-MM-dd'T'HH:mm:ss.SSSZ
# Time zone
quarkus.jackson.timezone=UTC
# Features
quarkus.jackson.fail-on-unknown-properties=false
quarkus.jackson.write-dates-as-timestamps=false