Java Serialization. Java uses object serialization both for object communication (e.g. moving an object across a network connection) and for object persistence (e.g. writing an object to a file and then restoring the object).

Java Serialization
• Java uses object serialization both for
  • object communication
    • e.g. moving an object across a network connection
  • object persistence
    • e.g. writing an object to a file and then restoring the object

Java Serialization
• There are classic shallow vs deep copy issues associated with serialization.
• With serialization a shallow copy is not viable.
• Java provides two mechanisms for object persistence
  • serialization
  • externalization

Serialization vs Externalization
• Serialization is the "save it all in a standard way" approach.
• Externalization is a subinterface of serialization: the Externalizable interface extends Serializable. It provides a model for objects that require customized serialization.

Recall I/O
• ObjectInputStream and ObjectOutputStream allow one to read and write objects to streams.
• When an object is written to a stream the object is transformed into bytes.
• The process of transforming an object into a stream of bytes is called serialization.

An Example:
• Suppose we have an object of type Hashtable named hash
    Hashtable hash = …
• To write it to a file
    FileOutputStream fileOut = new FileOutputStream("myfile");
    ObjectOutputStream out = new ObjectOutputStream(fileOut);
    out.writeObject(hash);

Serialization
• For this to work, the class of the object being serialized must be designed to have its objects serialized.
• This is simple. The class declaration must implement the Serializable interface. There are no methods to implement.

Serialization
• This serialization is a default serialization.
• The default serialization serializes each field of the object that is NOT
  • static // belongs to all instances
  • transient // has no meaning on another platform

Serialization
• Default serialization also requires that either the superclass has a no-arg constructor or that it is also Serializable.
• When the serialization takes place, static fields are left untouched and transient fields are set to the default value for their type.

Serialization
• Serialization starts with the fields inherited from ancestor classes, then the object's own fields.
• Serialization fails if any object reachable from the requested object cannot be serialized.

Containers
• If a container object (vector, array, etc.) is serialized, its contents must be serializable or a NotSerializableException will be thrown.

The Object Graph
• A specific object is likely to have multiple references to the same object.
• Serialization ensures that only one copy of the object is saved.

The Object Graph
• A VM-neutral reference (id) is given to each object as it is serialized.
• Subsequent references to the object will all have this id as a placeholder.

Transient objects
• When a persistent object is restored it is necessary that the object's transient state be valid.
• "Corrective" code can be supplied by defining the method
    private void readObject(ObjectInputStream is) throws IOException { }
  in the class.

An example: a linked list

    class ListElement implements Serializable {
        private Object data;
        private ListElement prev, next;
        …
    }

    public class List implements java.io.Serializable {
        private ListElement head;
        private transient int count;

        // defaultReadObject() can also throw ClassNotFoundException,
        // so it has to be declared here for the class to compile.
        private void readObject(ObjectInputStream ois)
                throws IOException, ClassNotFoundException {
            try {
                ois.defaultReadObject(); // use the default deserialization
                setCount(); // this procedure is written to figure out and set
                            // the transient field count, which was set to 0
                            // during deserialization
            } catch (IOException e) {
                ...
            }
        }
    }

writeObject
• A method
    writeObject(ObjectOutputStream oos) throws IOException { .. }
  can also be written to perform processing before an object is serialized with oos.defaultWriteObject().
• More complex customization should probably work with the Externalizable interface.

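The container, object graph and transient slides above, put together in one round trip. This is an added example, not code from the original slides; the class names GraphRoundTrip and Basket and the sample data are constructed for illustration.

```java
import java.io.*;
import java.util.ArrayList;
import java.util.List;

public class GraphRoundTrip {
    // Constructed sample class: 'size' is transient and rebuilt on restore.
    static class Basket implements Serializable {
        private final List<String> items = new ArrayList<>();
        private transient int size;          // not written to the stream
        void add(String s) { items.add(s); size++; }
        int size() { return size; }
        private void readObject(ObjectInputStream in)
                throws IOException, ClassNotFoundException {
            in.defaultReadObject();          // restores 'items'; 'size' is 0 here
            if (items == null) throw new InvalidObjectException("items missing");
            size = items.size();             // corrective code for the transient field
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    static Object deserialize(byte[] bytes) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(bytes))) {
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Basket shared = new Basket();
        shared.add("apple"); shared.add("pear");
        Basket[] graph = { shared, shared };         // two references, one object

        Basket[] copy = (Basket[]) deserialize(serialize(graph));
        System.out.println("same object restored once: " + (copy[0] == copy[1]));
        System.out.println("transient size rebuilt:    " + copy[0].size());
        try {                                        // Thread is not Serializable
            serialize(new Object[] { "ok", new Thread() });
        } catch (NotSerializableException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The readObject method is also the place to check restored fields before the object is used, since it runs on whatever bytes the stream supplies.
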
A problem
• Suppose that an object of a class X is serialized.
• Suppose now that someone changes the class X.
• Now suppose that the object of class X is deserialized… or can it be?
• It cannot be!

Class versioning
• If de-serialization occurs in a VM with
  • the CLASSPATH pointing to a different bytecode or
  • the class has been modified since the object was serialized
  de-serialization must fail with an InvalidClassException.
• How is this accomplished?

Class versions
• Class information is also written out as part of the ObjectOutputStream.
• One such piece of information is the serialVersionUID.
• A command, serialver, is provided:
    serialver -show        // gives a window to see the info
    serialver classname    // for a class that implements java.io.Serializable

Class versions
• By default it is a computed hash signature of the class.
• If you want control of this mechanism, in your class you may specify
    static final long serialVersionUID = ??
  Then, when an object is deserialized, this serialVersionUID will be compared to the available class id in the VM.

Class versions
• It is generally a bad idea to use your own serialVersionUID.
• The numbers calculated avoid conflict with other classes and represent a secure hash (a secure hash is one that makes it virtually impossible to change a class without the hash changing).
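
The version check described on the class versioning slides, shown in a single VM. This is an added example, not code from the original slides: VersionCheckDemo and Point are constructed names, and altering the id inside the serialized bytes is a stand-in for deserializing against a class that has since been changed.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

public class VersionCheckDemo {
    static class Point implements Serializable {     // constructed sample class
        int x = 3, y = 4;                             // no explicit serialVersionUID
    }

    public static void main(String[] args) throws Exception {
        // The value the VM computes for the class when none is declared.
        long local = ObjectStreamClass.lookup(Point.class).getSerialVersionUID();
        System.out.println("local serialVersionUID  = " + local);

        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(new Point());
        }
        byte[] stream = buf.toByteArray();

        // In the stream, the class descriptor holds the class name followed
        // by the 8-byte serialVersionUID. Locate the name, read the id.
        byte[] name = Point.class.getName().getBytes(StandardCharsets.UTF_8);
        int idAt = indexOf(stream, name) + name.length;
        long inStream = new DataInputStream(
                new ByteArrayInputStream(stream, idAt, 8)).readLong();
        System.out.println("stream serialVersionUID = " + inStream);

        // Stand-in for "someone changed the class": alter the id in the stream
        // so it no longer matches the class loaded in this VM.
        stream[idAt + 7] ^= 1;
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(stream))) {
            in.readObject();
            System.out.println("unexpected: object restored");
        } catch (InvalidClassException e) {
            System.out.println("refused: " + e.getMessage());
        }
    }

    static int indexOf(byte[] haystack, byte[] needle) {
        outer:
        for (int i = 0; i <= haystack.length - needle.length; i++) {
            for (int j = 0; j < needle.length; j++)
                if (haystack[i + j] != needle[j]) continue outer;
            return i;
        }
        throw new IllegalStateException("class name not found in stream");
    }
}
```

The id travels in the stream as plain bytes, so this comparison is a compatibility check between class versions, not a protection against a modified stream.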