Java serialization knowledge sorting and java serialization sorting

Java serialization knowledge sorting and java serialization sorting

1. What is serialization?

Serialization refers to serializing an object into a byte stream for network transmission or persistence.

2. Use Cases of serialization?

A). Persistence of objects in memory to files or databases;

B). The object is transmitted over the network.

3. serialization implementation?

1). Implement the Serializable interface:

This method is simple and does not have any implementation methods.

I have been using this method for two years (web Development). The following describes this method.

2) Implement the Externalizable interface: Externalizable is a subinterface of Serializable.
You can control the serialization attributes by yourself.

4. Notes for Serializable serialization

1. the serialization ID must be consistent.

The Virtual Machine allows deserialization with three conditions: consistent class paths, consistent functional code, and consistent serialization IDs of the two classes;

2. If object A references object B and object A implements serialization, object B is also serialized;

3. If the parent object is serialized, the sub-object will also be serialized.

4. If the subclass object is serialized, the parent class object will not be serialized. During deserialization, the default non-parameter constructor object is called;

5. When a serialized object contains a transient modifier before the property, the property is not serialized because the transient property is temporary;

6. When a serialized object contains a static modifier before the property, the property will not be serialized, because static indicates that the secondary property is a class property, not an object property;

7. attributes in the serialized object are sensitive fields. If Encryption Transmission is required, custom serialization and deserialization are required. It should be noted that even if the object property is private, it is not safe, and only manual security processing is required.

Custom method: You can customize the writeObject () and readObject () methods in the serialized class, and attempt to call the writeObject and readObject methods in the object class, for custom serialization and deserialization,

If this method is not available, the defaultWriteObject method of ObjectOutputStream and the defaultReadObject method of ObjectInputStream are called by default.

6. serialization storage rules: When a file is written into the same object, the object content will not be stored, but a reference will be stored again, and the file size will not double, only slightly increased (new reference control information ).