I still think this would be a good improvement. For example, if a container subclasses Person.java with a MyPersonImpl that has a getAccountInfo() field, this information is automatically serialized out.
>From our experience, it's much better to require developers to opt into every field that is externally visible. On Mon, Nov 2, 2009 at 2:09 PM, Louis Ryan <lr...@google.com> wrote: > Possibly. Theres a general security concern with the way our framework > exposes all properties of the Java beans of the response objects. Makes it > pretty easy for someone to unintentionally expose some private data. > > On Mon, Nov 2, 2009 at 2:06 PM, Paul Lindner (JIRA) <j...@apache.org> > wrote: > > > > > [ > > > https://issues.apache.org/jira/browse/SHINDIG-651?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12772689#action_12772689 > ] > > > > Paul Lindner commented on SHINDIG-651: > > -------------------------------------- > > > > is this still needed? > > > > > > > Support annotations for exporting objects to/from JSON and XML > > > -------------------------------------------------------------- > > > > > > Key: SHINDIG-651 > > > URL: https://issues.apache.org/jira/browse/SHINDIG-651 > > > Project: Shindig > > > Issue Type: Improvement > > > Components: Java > > > Reporter: Evan Gilbert > > > Assignee: Evan Gilbert > > > Priority: Minor > > > Attachments: Export.patch > > > > > > > > > > > > -- > > This message is automatically generated by JIRA. > > - > > You can reply to this email to add a comment to the issue online. > > > > >
