Differences and relationships between JAVA serialization and persistence, java serialization

Source: Internet
Author: User
Tags object serialization

Differences and relationships between JAVA serialization and persistence, java serialization
Persistence: stores data (such as objects in memory) to permanently stored storage devices (such as disks ). The main application of persistence is to store the objects in memory in a relational database. Of course, they can also be stored in Disk Files and XML data files. Persistence is a mechanism for converting program data between the persistent state and the instantaneous state. JDBC is a persistence mechanism. File IO is also a persistence mechanism. Persistence is an object service. It stores objects in the memory in the external store for future retrieval. You need to implement at least three interfaces: void Save (object o) to Save an Object to the external store. object Load (object oid) retrieves the object boolExists (Object oid) from the external store by using the object ID) check whether an object exists in the external store. Why does the persistence service need? This is caused by memory defects: serialization is a similar useful concept: serialization is also an object service, it is to serialize an object in memory into a stream or deserialize the stream into an object. Two interfaces must be implemented: void Serialize (Stream stream, object o) to Serialize the object to the Stream. The object Deserialize (stream Stream) deserializes the stream into an object. serialization is similar to persistence, some people are even confused, but there are still differences. serialization is to solve the object transmission problem. transmission can be performed between threads, between processes, between memory and external memory, and between hosts. The reason why I mentioned serialization here is that we can use serialization to aid persistence. We can say that all objects that can be persisted can be serialized, because serialization is relatively easy (and not very easy ), so mainstream software infrastructure, such. net and java have completed the serialization framework. The persistence scheme can be divided into the relational database scheme, the file scheme, the object database scheme, and the xml database scheme. The mainstream persistence scheme is the relational database scheme, and the relational database scheme not only solves the concurrency problem, more importantly, relational databases also provide value beyond the persistence service: statistical analysis. As I mentioned earlier, all objects that can be serialized can be persisted. In the extreme sense, we can create only one table Object (OID, Bytes), but basically no one does this, as a result, we lose the additional statistical analysis function of the relational database. There is a gap between relational databases and object-oriented systems. Because the patterns in 2 do not match, there is an OR ing problem. What is "persistence"
Persistence: saves data (such as objects in memory) to a permanently retained storage device (such as a disk ). Persistence is mainly used to store data in the memory in a relational database. Of course, it can also be stored in disk files or XML data files.

Speaking of Persistence and Serialization, I used to confuse them. In fact, the gap between the two is indeed not big. What they are similar to is an attempt to convert objects and other things, the difference is that persistence is to save it permanently and get it when needed. serialization is concerned with how to change an object to a byte stream. In essence, from a practical perspective, the two have a large degree of mutual coverage. The serialization mechanism is to convert the class value into a general (that is, continuous) byte stream, the process of writing the stream to a disk file or any other streaming target is also known as persistence. Of course, the so-called deserialization, as its name implies, is the process of reversing the serialization process and getting objects from the stream target.

The serialization process is to write the object into the byte stream and read the object from the byte stream. After converting the object state to word throttling,
You can use various byte stream classes in the java. io package to save them to files, and pipe them to another thread or connect them through a network.
Sends object data to another host. Object serialization is very simple and powerful.
All have applications. Object serialization is not the most exciting topic in network programming, but it is very important and has
Many practical meanings.

1. Object serialization can implement distributed objects. Main Applications: RMI uses objects to serialize services on remote hosts, just like running objects on local hosts.

Ii. java object serialization not only retains the data of an object, but also recursively stores the data of each object referenced by the object. The entire Object layer can be written to the byte stream, stored in a file or transmitted over a network connection. The object sequence can be used to perform "Deep replication" on the object, that is, copying the object itself and the referenced object itself. Serializing an object may obtain the entire object sequence.

From the above description, we know that object serialization is an essential weapon in java programming, so let's start from the basics and take a good look at its mechanism and usage.


Java serialization is relatively simple. You do not need to write custom code to save and restore the object state. The Class Object of the java. io. Serializable interface can be converted to throttling or restored from the byte stream without adding any code to the class. In rare cases, you need to customize the code to save or restore the object state. Note: Not every class can be serialized. Some classes cannot be serialized. For example, classes involving threads have very complex relationships with specific JVMs.

Serialization mechanism:

Serialization is divided into two parts: serialization and deserialization. Serialization is the first part of this process. Data is decomposed into word throttling for storage in files or transmitted over the network. Deserialization is to open the byte stream and reconstruct the object. Object serialization not only converts the basic data type to a byte representation, but also restores data. To recover data, you must have an object instance that recovers data. The serialization process in ObjectOutputStream is connected to the byte stream, including the object type and version information. During deserialization, JVM generates an object instance with the header information, and then copies the data in the object byte stream to the object data member.
Below we will explain in two parts:

Process object stream:
(Serialization and deserialization)

The java. io package has two classes for serialized objects. ObjectOutputStream writes objects to byte streams, and ObjectInputStream reconstructs objects from byte streams.
Let's first understand the ObjectOutputStream class. ObjectOutputStream class extends the DataOutput interface. The writeObject () method is the most important method for Object serialization. If the object contains references from other objects, the writeObject () method recursively serializes these objects. Each ObjectOutputStream maintains a serialized object reference table to prevent sending multiple copies of the same object. (This is important) Because writeObject () can serialize the entire set of cross-referenced objects, the same ObjectOutputStream instance may be accidentally requested to serialize the same object. In this case, deserialization is performed instead of writing the object byte stream again.
Next, let's take a look at the ObjectOutputStream class from the example.

Java code

// Serialize today's date to a file. fileOutputStream f = new FileOutputStream ("tmp"); ObjectOutputStream s = new ObjectOutputStream (f); s. writeObject ("Today"); s. writeObject (new Date (); s. flush ();
Now let's take a look at the ObjectInputStream class. It is similar to ObjectOutputStream. It extends the DataInput interface. Methods In ObjectInputStream public methods for reading Basic Java Data Types in the image DataInputStream. The readObject () method deserializes an object from a byte stream. Each call to the readObject () method returns the next Object in the stream. Object byte streams do not transmit class bytecode, but include class names and signatures. When readObject () receives an object, JVM loads the class specified in the header. If this class is not found, readObject () throws ClassNotFoundException. If you need to transmit object data and bytecode, you can use the RMI framework. Other methods of ObjectInputStream are used to customize the deserialization process.
Example: Java code
// Deserialize the string object and date object FileInputStream in = new FileInputStream ("tmp"); ObjectInputStream s = new ObjectInputStream (in); String today = (String) s. readObject (); Date date = (Date) s. readObject ();
Custom serialization process:

Serialization can usually be completed automatically, but sometimes it is necessary to control this process. Java can declare the class as serializable, but it can still manually control the data members declared as static or transient.
Example: A very simple serialization class. Public class simpleSerializableClassJava code
Implements Serializable {String sToday = "Today:"; transient Date dtToday = new Date ();}... during serialization, all data members of the class should be serializable except those declared as transient or static. Declaring the variable as transient tells JVM that we are responsible for the serialization of the variable. After a data member is declared as a transient, it cannot be added to the object byte stream during the serialization process and no data is sent from the transient data member. During data deserialization, the data member (because it is part of the class definition) needs to be rebuilt, but does not contain any data, because the data member does not write any data to the stream. Remember, the object Stream does not serialize static or transient. Our class uses the writeObject () and readObject () methods to process these data members. When using the writeObject () and readObject () methods, read the data members in the write order. Some code about how to use custom serialization is as follows: Java code favorites code // rewrite the writeObject () method to process transient members. Public void writeObject (ObjectOutputStream outputStream) throws IOException... {outputStream. defaultWriteObject (); // The Custom writeObject () method can use the built-in logic in automatic serialization. OutputStream. writeObject (oSocket. getInetAddress (); outputStream. writeInt (oSocket. getPort ();} // rewrite the readObject () method to receive transient members. Private void readObject (ObjectInputStream inputStream) throws IOException, ClassNotFoundException... {inputStream. defaultReadObject (); // ultreadobject () supplements automatic serialization of InetAddress oAddress = (InetAddress) inputStream. readObject (); int iPort = inputStream. readInt (); oSocket = new Socket (oAddress, iPort); iID = getID (); dtToday = new Date ();}
Fully customized serialization process:
If a class is fully responsible for its own serialization, implement the Externalizable interface instead of the Serializable interface. The Externalizable interface definition includes two methods: writeExternal () and readExternal (). These methods can be used to control how object data members write data into byte streams. when the class implements Externalizable, the header is written into the object stream, and then the class is fully responsible for serialization and data restoration. Besides the header, there is no automatic serialization at all. Pay attention to this. Implementing the Externalizable interface of declarative classes poses significant security risks. The writeExternal () and readExternal () methods are declared as public. Malicious classes can use these methods to read and write object data. Be especially careful when the object contains sensitive information. This includes using a secure connection or encrypting the entire byte stream.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.