Java Serialization is a mechanism to transform a graph of Java objects into a byte stream (an array of bytes) for storage or transmission, such that the array of bytes can later be transformed back into a graph of Java objects. To opt a class in for serialization, you
package com.test;

To serialize the above serializable class to disk:

try{

[1] Serialized data file is usually named with .ser extension.

To deserialize from the disk,

try{

During deserialization, the fields of non-serializable classes are initialized by the no-arg constructor of the corresponding non-serializable class. The fields of serializable subclasses are not initialized by the subclasses' constructors, but are restored from the stream.

serialVersionUID

According to the Serializable Javadoc, to convince the Java runtime that Person on the disk and Person in memory are in fact compatible in terms of serialization and deserialization, Java uses a calculated hash based on just about everything of a given class — method names, field names, field types, access modifiers — and compares that hash value against the hash value in the serialized stream. They must have the same serialization version hash (stored as the private static final serialVersionUID field) to be deserialized.

Although serialVersionUID will be automatically generated if not supplied in the code, it is strongly recommended that all serializable classes explicitly declare serialVersionUID values, since the default serialVersionUID computation may vary depending on compiler implementations, and can thus result in unexpected InvalidClassExceptions during deserialization.

There are three options to assign serialVersionUID:

#1: any value you want

private static final long serialVersionUID = 1L;

#2: serialver command

The JDK has a built-in command called “serialver” to generate the serialVersionUID. If a Serializable class already has a serialVersionUID, serialver will simply report that serialVersionUID to the developer. If not, you cd to the class directory of the serializable class and use “serialver” to generate/suggest a serialVersionUID to be used for the Person class:

% serialver com.test.Person

#3: If you're using Eclipse, simply mouse over the serializable class and you'll get help from Eclipse.

adding fields to serializable class

It is said that under the following circumstances, when adding a field to an existing serializable class, serialization and deserialization compatibility still works, as long as the serialVersionUID is the same before and after:
customize serialization process

Classes that require special handling during the serialization and deserialization process must implement special methods with these exact signatures:

private void writeObject(java.io.ObjectOutputStream out) throws IOException

If they are declared, they will be called from the ObjectOutputStream or ObjectInputStream instead of the default serialization or deserialization process. Please refer to "What are writeObject and readObject" for an example.

security

If you need to encrypt and sign an entire object, the simplest thing is to put it in a javax.crypto.SealedObject and/or java.security.SignedObject wrapper.

proxy

When you serialize a class, transient fields won't be serialized. Sometimes you want to serialize using a slimmed-down proxy class (e.g. PersonProxy) that serializes only the core elements of the data. In reverse, when deserializing, you'd like to get back the original class. Enter the concept of the proxy. To allow this, there are methods to be implemented.

Serializable classes that need to designate an alternative object to be used when writing an object to the stream should implement this special method in the original non-proxy class (e.g. Person) with the exact signature:

ANY-ACCESS-MODIFIER Object writeReplace() throws ObjectStreamException;

Classes that need to designate a replacement when an instance of them is read from the stream should implement this special method in the proxy class (e.g. PersonProxy) with the exact signature:

ANY-ACCESS-MODIFIER Object readResolve() throws ObjectStreamException;

For example,

class PersonProxy implements Serializable{
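The proxy arrangement described above, written out as an added example that is not code from the original post: Person hands a PersonProxy to the stream through writeReplace, and PersonProxy rebuilds a Person through readResolve. It goes one step beyond the text by giving Person a readObject that refuses streams naming Person directly, so every deserialized Person passes through the validating constructor. The wrapper class ProxyDemo, the name and age fields, and the sample value are assumptions.

```java
import java.io.*;

// Added example: the class names follow the text above; the fields are assumed.
public class ProxyDemo {
    static class Person implements Serializable {
        private static final long serialVersionUID = 1L;
        final String name;
        final int age;

        Person(String name, int age) {
            // The invariants are enforced only here.
            if (name == null || name.isEmpty() || age < 0)
                throw new IllegalArgumentException("invalid Person");
            this.name = name;
            this.age = age;
        }
        // Serialization writes a PersonProxy in place of this object.
        private Object writeReplace() throws ObjectStreamException {
            return new PersonProxy(name, age);
        }
        // A stream that names Person directly is refused, so the constructor is never bypassed.
        private void readObject(ObjectInputStream in) throws InvalidObjectException {
            throw new InvalidObjectException("PersonProxy required");
        }
    }

    static class PersonProxy implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String name;
        private final int age;
        PersonProxy(String name, int age) { this.name = name; this.age = age; }
        // Deserialization hands back a Person rebuilt through the validating constructor.
        private Object readResolve() throws ObjectStreamException {
            try { return new Person(name, age); }
            catch (IllegalArgumentException e) { throw new InvalidObjectException(e.getMessage()); }
        }
    }

    public static void main(String[] args) throws Exception {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Person("Alice", 30)); // constructed sample value
        }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            Person p = (Person) in.readObject();
            System.out.println(p.name + " " + p.age);
        }
    }
}
```

The bytes in buf describe a PersonProxy, not a Person, which is why the cast after readObject succeeds only because readResolve substituted the rebuilt object.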