JAVA Object 序列化与反序列化,以及控制Object 部分序列化与反序列化
1.JAVA Object 序列化与反序列化
所谓的JAVA序列化与反序列化,序列化就是将JAVA 对象以一种的形式保持,比如存放到硬盘,或是用于传输。反序列化是序列化的一个逆过程
JAVA规定被序列化的对象必须实现java.io.Serializable这个接口,我们假设序列化类为Person
举例如下:
被序列化的对象类
package com.models;
import java.io.Serializable;
public class Person implements Serializable{
/**
* JAVA序列化对象
*/
private static final long serialVersionUID = 1L;
private String Uid;
private String name;
private Integer age;
public Person(){
}
public Person(String uid, String name, Integer age) {
super();
Uid = uid;
this.name = name;
this.age = age;
}
public String getUid() {
return Uid;
}
public void setUid(String uid) {
Uid = uid;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
@Override
public String toString() {
return this.Uid+"-"+this.name+"-"+this.age;
}
}
自己写的一个序列化的工具类JavaSerializableUtil
package com.utils;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import com.models.Person;
public class JavaSerializableUtil {
public final static void serializable(String outputFile,Object object) throws IOException{
FileOutputStream fos = new FileOutputStream(outputFile);
ObjectOutputStream oos = new ObjectOutputStream(fos);
if(object instanceof Person){
Person person = (Person)object;
System.out.println("序列化: "+person);
}
oos.writeObject(object);
oos.flush();
oos.close();
}
public final static void deserializable(String inputFile,Object object) throws IOException, ClassNotFoundException{
FileInputStream fis = new FileInputStream(inputFile);
ObjectInputStream ois = new ObjectInputStream(fis);
Person person = (Person)ois.readObject();
System.out.println("反序列化: "+person);
}
}
编写测试类Main
package com.test;
import java.io.IOException;
import com.models.Person;
import com.utils.JavaSerializableUtil;
public class Main {
/**
* @param args
*/
public static void main(String[] args) throws IOException, ClassNotFoundException {
Person object = new Person("xxxxxuuuiiiidd","aven",60);
//JavaSerializableUtil.serializable("c:\\javaserializable.txt", object);
JavaSerializableUtil.deserializable("c:\\javaserializable.txt",Person.class);
}
}
以上程序运行结果如下:
序列化: xxxxxuuuiiiidd-aven-60
反序列化: xxxxxuuuiiiidd-aven-60
2.控制Object 部分序列化与反序列化
我们知道JAVA,规定凡是被transisent,static 修饰的变量,将不被序列化。
此外,还有一种方法可以更加动态的控制序列类的哪一些属性被序列化,哪些不被序列化。这也是这一小节要讲的主要内容。
这个类是java.io.Externalizable这个接口,这个接口继承了Serializable接口。
让被序列化的对象Person实现这个接口,通过重写里这的readExternal(),writeExternal()两个方法,在这两个方法里边拦节对象的属性,控制在序列化时,对象的哪些属性被序列,哪些不被序列;控制在反序列化时,对象的哪些属性被反序列化,哪些属性不被反序列化,从而以保证信息的安全
举例
只需要将上面的序列化对象Person修改如下即可
package com.models;
import java.io.Externalizable;
import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
public class Person implements Externalizable{
/**
* JAVA序列化对象
*/
private static final long serialVersionUID = 1L;
private String Uid;
private String name;
private Integer age;
public Person(){
}
public Person(String uid, String name, Integer age) {
super();
Uid = uid;
this.name = name;
this.age = age;
}
public String getUid() {
return Uid;
}
public void setUid(String uid) {
Uid = uid;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
@Override
public String toString() {
return this.Uid+"-"+this.name+"-"+this.age;
}
@Override
public void writeExternal(ObjectOutput out) throws IOException {
// 只序列化name
System.out.println("只序列化Person对象的name: "+this.name);
out.writeUTF(this.name);
}
@Override
public void readExternal(ObjectInput in) throws IOException,
ClassNotFoundException {
// 读出序列化对象的name
System.out.println("读出序列化Person对象的name "+in.readUTF());
}
}