Java对瞬态字段的序列化
|
我正在阅读《 Java第四版的思考》。
其中描述了一个奇怪的解决方法,用于serial0字段的序列化:
import java.io.*;
public class SerializationTest implements Serializable {
private String firstData;
//transient field, shouldn\'t be serialized.
transient private String secondData;
public SerializationTest(String firstData, String test2) {
this.firstData = firstData;
this.secondData = test2;
}
/**
* Private method, same signature as in Serializable interface
*
* @param stream
* @throws IOException
*/
private void writeObject(ObjectOutputStream stream) throws IOException {
stream.defaultWriteObject();
stream.writeObject(secondData);
}
/**
* Private method, same signature as in Serializable interface
*
* @param stream
* @throws IOException
*/
private void readObject(ObjectInputStream stream)
throws IOException, ClassNotFoundException {
stream.defaultReadObject();
secondData = (String) stream.readObject();
}
@Override
public String toString() {
return \"SerializationTest{\" +
\"firstData=\'\" + firstData + \'\\\'\' +
\", secondData=\'\" + secondData + \'\\\'\' +
\'}\';
}
public static void main(String[] args) throws IOException, ClassNotFoundException {
FileOutputStream fos = null;
ObjectOutputStream oos = null;
try {
fos = new FileOutputStream(\"object.out\");
oos = new ObjectOutputStream(fos);
SerializationTest sTest = new SerializationTest(\"First Data\", \"Second data\");
oos.writeObject(sTest);
} finally {
oos.close();
fos.close();
}
FileInputStream fis = null;
ObjectInputStream ois = null;
try {
fis = new FileInputStream(\"object.out\");
ois = new ObjectInputStream(fis);
SerializationTest sTest = (SerializationTest) ois.readObject();
System.out.println(sTest);
} finally {
ois.close();
fis.close();
}
//Output:
//SerializationTest{firstData=\'First Data\', secondData=\'Second data\'}
}
}
如您所见,已经实现了专用方法writeObject
和readObject
。
问题是:
哪些ObjectOutputStream和ObjectInputStream使用Reflection访问私有方法?
Java中包括多少个后门?
没有找到相关结果
已邀请:
3 个回复
屡倒雷图
屑凉赦
慷祈霖黑