Bird
Raised Fist0
Spring Bootframework~5 mins

DTO vs entity separation benefit in Spring Boot

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Introduction

Separating DTOs and entities helps keep your app organized and safe. It stops your database details from mixing with how data moves in and out of your app.

When you want to send only specific data to users without exposing all database fields.
When you need to change how data is shown without changing the database structure.
When you want to protect your database from accidental changes by users.
When you want to keep your code clean by separating data storage from data transfer.
When you want to validate or format data before sending or saving it.
Syntax
Spring Boot
public class UserEntity {
    private Long id;
    private String username;
    private String password;
    // getters and setters
}

public class UserDTO {
    private String username;
    // getters and setters
}

Entity classes map directly to database tables.

DTO classes are simple objects used to transfer data between layers or systems.

Examples
The DTO hides supplier info when sending product data to clients.
Spring Boot
public class ProductEntity {
    private Long id;
    private String name;
    private double price;
    private String supplierInfo;
    // getters and setters
}

public class ProductDTO {
    private String name;
    private double price;
    // getters and setters
}
Internal notes are kept private in the entity and not sent in the DTO.
Spring Boot
public class OrderEntity {
    private Long id;
    private java.util.Date orderDate;
    private String customerName;
    private String internalNotes;
    // getters and setters
}

public class OrderDTO {
    private java.util.Date orderDate;
    private String customerName;
    // getters and setters
}
Sample Program

This example shows how the UserEntity holds all data including password, but the UserDTO only carries the username. This keeps sensitive info safe when sending data out.

Spring Boot
package com.example.demo.dto;

public class UserDTO {
    private String username;

    public UserDTO() {}

    public UserDTO(String username) {
        this.username = username;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }
}

package com.example.demo.entity;

public class UserEntity {
    private Long id;
    private String username;
    private String password;

    public UserEntity() {}

    public UserEntity(Long id, String username, String password) {
        this.id = id;
        this.username = username;
        this.password = password;
    }

    public Long getId() {
        return id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }
}

package com.example.demo;

import com.example.demo.dto.UserDTO;
import com.example.demo.entity.UserEntity;

public class Main {
    public static void main(String[] args) {
        // Create an entity with sensitive data
        UserEntity userEntity = new UserEntity(1L, "alice", "secret123");

        // Convert entity to DTO to send only safe data
        UserDTO userDTO = new UserDTO(userEntity.getUsername());

        // Print DTO data
        System.out.println("UserDTO username: " + userDTO.getUsername());
    }
}
OutputSuccess
Important Notes

Always keep sensitive data like passwords only in entities, never in DTOs.

DTOs can help reduce data size sent over the network by excluding unnecessary fields.

Mapping between entities and DTOs can be done manually or with libraries like MapStruct.

Summary

Entities represent how data is stored in the database.

DTOs represent how data is sent or received outside the database.

Separating them keeps your app safer and easier to maintain.

Practice

(1/5)
1. Why is it beneficial to separate DTOs from entities in a Spring Boot application?
easy
A. It allows direct modification of database tables from the UI.
B. It makes the application run faster by skipping database calls.
C. It keeps the database structure hidden and improves security.
D. It reduces the number of classes in the project.

Solution

  1. Step 1: Understand the role of entities

    Entities represent the database structure and are tightly linked to how data is stored.

  2. Step 2: Understand the role of DTOs

    DTOs are used to transfer data safely between layers or systems, hiding internal details.

  3. Final Answer:

    It keeps the database structure hidden and improves security. -> Option C

  4. Quick Check:

    DTOs separate data transfer from entities = A [OK]
Hint: DTOs hide database details from outside layers [OK]
Common Mistakes:
  • Thinking DTOs speed up database calls
  • Believing entities should be exposed directly
  • Confusing DTOs with database tables
2. Which of the following is the correct way to define a DTO class in Spring Boot?
easy
A. public class UserDTO { private String name; public String getName() { return name; } }
B. public record UserDTO(String name) {}
C. public enum UserDTO { NAME; }
D. public interface UserDTO { String name; }

Solution

  1. Step 1: Review DTO class options

    DTOs are simple data carriers. Java records provide a concise way to define immutable DTOs.

  2. Step 2: Identify the correct syntax

    public record UserDTO(String name) {} uses a record, which is modern and recommended for DTOs in Java 17+.

  3. Final Answer:

    public record UserDTO(String name) {} -> Option B

  4. Quick Check:

    Use records for simple DTOs = D [OK]
Hint: Use Java records for simple DTOs in Spring Boot [OK]
Common Mistakes:
  • Using interfaces without methods for DTOs
  • Using enums instead of classes or records
  • Not providing getters for DTO fields
3. Given this code snippet, what will be the output when converting an entity to a DTO? 
record UserDTO(String name) {}
class UserEntity { String name; UserEntity(String name) { this.name = name; } }

UserEntity entity = new UserEntity("Alice");
UserDTO dto = new UserDTO(entity.name);
System.out.println(dto.name());
medium
A. Alice
B. null
C. Compilation error
D. Empty string

Solution

  1. Step 1: Understand entity to DTO conversion

    The entity has a name "Alice" which is passed to the DTO constructor.

  2. Step 2: Check the output of dto.name()

    Since dto stores "Alice", printing dto.name() outputs "Alice".

  3. Final Answer:

    Alice -> Option A

  4. Quick Check:

    Entity name passed to DTO = Alice [OK]
Hint: DTO fields hold entity data passed in constructor [OK]
Common Mistakes:
  • Assuming dto.name() returns null
  • Confusing record syntax causing errors
  • Expecting entity and DTO to be the same object
4. Identify the problem in this code snippet that mixes entity and DTO responsibilities: 
public class UserEntity {
  private String name;
  public String getName() { return name; }
  public void setName(String name) { this.name = name; }
  public String toJson() { return "{\"name\":\"" + name + "\"}"; }
}
medium
A. The toJson method should return XML instead.
B. Getter and setter methods are missing.
C. The name field should be public.
D. Entity class should not handle JSON formatting.

Solution

  1. Step 1: Analyze entity responsibilities

    Entities should focus on data storage and mapping, not formatting or presentation.

  2. Step 2: Identify separation violation

    toJson mixes data with presentation logic, which belongs in DTO or service layers.

  3. Final Answer:

    Entity class should not handle JSON formatting. -> Option D

  4. Quick Check:

    Keep entity and presentation separate = A [OK]
Hint: Entities store data; DTOs handle data format [OK]
Common Mistakes:
  • Allowing entities to format output
  • Making entity fields public
  • Confusing DTO and entity roles
5. You have a UserEntity with sensitive fields like password and internal IDs. How does using a separate UserDTO improve your Spring Boot API's security and maintainability?
hard
A. By exposing only necessary fields and hiding sensitive data from API responses.
B. By allowing direct database updates from the API without validation.
C. By merging all entity fields into one large DTO for simplicity.
D. By removing the need for service layers in the application.

Solution

  1. Step 1: Recognize sensitive data risks

    Entities contain all data, including sensitive info like passwords, which should not be exposed.

  2. Step 2: Understand DTO role in security

    DTOs can include only safe fields, preventing accidental exposure in API responses.

  3. Step 3: Consider maintainability benefits

    Separating DTOs allows easier changes to API without affecting database structure.

  4. Final Answer:

    By exposing only necessary fields and hiding sensitive data from API responses. -> Option A

  5. Quick Check:

    DTOs protect sensitive data and ease maintenance = B [OK]
Hint: DTOs hide sensitive entity fields from API output [OK]
Common Mistakes:
  • Exposing all entity fields directly
  • Skipping validation by merging DTO and entity
  • Removing service layers causing tight coupling