Java Object Serialization Specification
Table of Contents
1 System Architecture
- 1.1 Overview
- 1.2 Writing to an Object Stream
- 1.3 Reading from an Object Stream
- 1.4 Object Streams as Containers
- 1.5 Defining Serializable Fields for a Class
- 1.6 Documenting Serializable Fields and Data for a Class
- 1.7 Accessing Serializable Fields of a Class
- 1.8 The ObjectOutput Interface
- 1.9 The ObjectInput Interface
- 1.10 The Serializable Interface
- 1.11 The Externalizable Interface
- 1.12 Serialization of Enum Constants
- 1.13 Protecting Sensitive Information
2 Object Output Classes
- 2.1 The ObjectOutputStream Class
- 2.2 The ObjectOutputStream.PutField Class
- 2.3 The writeObject Method
- 2.4 The writeExternal Method
- 2.5 The writeReplace Method
- 2.6 The useProtocolVersion Method
3 Object Input Classes
- 3.1 The ObjectInputStream Class
- 3.2 The ObjectInputStream.GetField Class
- 3.3 The ObjectInputValidation Interface
- 3.4 The readObject Method
- 3.5 The readObjectNoData Method
- 3.6 The readExternal Method
- 3.7 The readResolve Method
4 Class Descriptors
- 4.1 The ObjectStreamClass Class
- 4.2 Dynamic Proxy Class Descriptors
- 4.3 Serialized Form
- 4.4 The ObjectStreamField Class
- 4.5 Inspecting Serializable Classes
- 4.6 Stream Unique Identifiers
5 Versioning of Serializable Objects
- 5.1 Overview
- 5.2 Goals
- 5.3 Assumptions
- 5.4 Who's Responsible for Versioning of Streams
- 5.5 Compatible Java™ Type Evolution
- 5.6 Type Changes Affecting Serialization
  - 5.6.1 Incompatible Changes
  - 5.6.2 Compatible Changes
6 Object Serialization Stream Protocol
- 6.1 Overview
- 6.2 Stream Elements
- 6.3 Stream Protocol Versions
- 6.4 Grammar for the Stream Format
  - 6.4.1 Rules of the Grammar
  - 6.4.2 Terminal Symbols and Constants
A Security in Object Serialization
- A.1 Overview
- A.2 Design Goals
- A.3 Security Issues
- A.4 Preventing Serialization of Sensitive Data
- A.5 Writing Class-Specific Serializing Methods
- A.6 Guarding Unshared Deserialized Objects
- A.7 Preventing Overwriting of Externalizable Objects
- A.8 Encrypting a Bytestream
B Exceptions In Object Serialization
C Example of Serializable Fields
- C.1 Example Alternate Implementation of java.io.File
Copyright © 2005, 2010, Oracle and/or its affiliates. All rights reserved.