使用Serializable接口进行JAVA的序列化和反序列化

OBJECT STREAMS – SERIALIZATION AND DESERIALIZATION IN JAVA EXAMPLE USING SERIALIZABLE INTERFACE


Hitesh Garg | November 7, 2014 | io | 9 Comments

In the previous java tutorials I have discussed about basic of java streamsbyte streams, then a modified version of them character streams which were specially for character data, then data streams to solve the problem of reading and writing java primitives directly but Object Streams are used to save the state to an object by converting it into a stream and storing into a file, database or some other location(known as Serialization) and to use it at a later point of time for retrieving the stored values and restoring the objects old state( known as Deserialization).

序列化:基于对象流,将对象状态(实例变量)转换为流,并存储到文件、数据库或其他地方。

反序列化;将对象流还原,获取存储对象实例和对象状态。

TABLE OF CONTENTS –

  1. REAL LIFE CASES
  2. MARKER INTERFACE
  3. MAIN INTERFACES FOR OBJECT STREAMS
  4. MAIN CLASSES FOR OBJECT STREAMS
  5. TRANSIENT KEYWORD
  6. EXAMPLE OF SERIALIZABLE INTERFACE

This serialization and deserialization helps us in many scenarios like gaming, session state management etc.

序列化和反序列化的一些应用场景:游戏、Session状态管理等。

Have you ever wondered how a game starts from the same point where we have left it? Then this is your answer. All this is done by saving the current state of the object(or game) and reloading the state so that the player could continue from the old state only. Also the checkpoint system in games follow this method by permanently saving the progress up to that state for later use.

Serialization-deserialization in Java – Object Streams
MARKER INTERFACE(四大常用的标记接口)

An interface in Java without any field and method is a Marker interface. It is used to inform compiler that the class implementing it has some special behavior or meaning. Some of the Marker interfaces are-

  • java.io.Serializable
  • java.rmi.Remote
  • java.util.RandomAccess
  • java.lang.Cloneable

Although since Java 5 marker interfaces are replaced by annotations and they serve the same purpose as marker interfaces did before but for serializability we still use the interfaces and the transient keyword.

特别指出,标记接口中的RandomAccess的重要应用,可以参考【RandomAccess接口理解】https://blog.csdn.net/stick2it/article/details/53469910。该文章介绍了RandomAccess在Collections类的 public static <T> int binarySearch(List<? extends Comparable<? super T>> list, T key) 方法中应用。

INTERFACES

Every Object Stream class implements either of the two interfaces-

  1. OBJECTINPUT – SUBINTERFACE OF DATAINPUT
  2. OBJECTOUTPUT – SUBINTERFACE OF DATAOUTPUT

Note:- Since both the interfaces above are sub interface of interfaces Data streams interfaces, That means that all the primitive data I/O methods covered in Data Streams are also implemented in object streams.

CLASSES FOR OBJECT STREAMS

Two classes that are used for Object Streams are –

  1. OBJECTINPUTSTREAM (用于反序列化)
    • This Java class is responsible for deserializing the previously serialized objects and the primitive data. 可反序列化之前已被序列化的对象、原始类型数据。
    • It reads the object from the graph of objects stored while using FileInputStream.
    • Method readObject() is the main method used to deserialize the object.The class of the object, the signature of the class, and the values of the non-transient and non-static fields of the class and all of its super types are read. 注意非transient和非static字段才可反序列化,另外可以读取对象、类以及超类信息。
      • public final Object readObject() throws IOException,ClassNotFoundException
  2. OBJECTOUTPUTSTREAM
    • This Java class is used to store primitives and a graph of Java object which are available to ObjectInputStream to read data from.
    • This does not care about saving the super class and sub class data but it could be achieved by using the writeObject method or by using the methods for primitive data types supported by DataOutput.
    • Method writeObject() is a main method of this Java class which serializes the object directly.
      • public final void writeObject(Object obj) throws IOException
TRANSIENT KEYWORD

There are scenarios in which we want to store only a part of the object i.e. we want to omit some specific fields from the stored object just like password field from any user class or an Employee or you can think of any other sensitive information.

In these cases we mark these fields as transient and this keyword protects the field from being saved during the process of serialization.

Example – transient private String password;

transient关键词用于屏蔽那些不想被序列化的字段。

SERIALIZATION AND DESERIALIZATION EXAMPLE

Now lets take an example and see how to do this using actual Java coding and have a look at some key points that should be remembered while using Serializable interface.

USER.JAVA

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

package com.codingeek.serialization;

import java.io.Serializable;

public class User implements Serializable {

    /**

     * Generated Serial version Id

     */

    private static final long serialVersionUID = -55857686305273843L;

    private String name;

    private String username;

    transient private String password;

    @Override

    public String toString() {

        // TODO Auto-generated method stub

        String value = "name : " + name + "\nUserName : " + username

                + "\nPassword : " + password;

        return value;

    }

    /**

     * Setters and getters methods.

     */

    public String getName() {

        return name;

    }

    public void setName(String name) {

        this.name = name;

    }

    public String getUsername() {

        return username;

    }

    public void setUsername(String username) {

        this.username = username;

    }

    public String getPassword() {

        return password;

    }

    public void setPassword(String password) {

        this.password = password;

    }

}
  • Make sure that the Java class you need to store must implement Serializable interface.
  • Notice that password field in the above class is made transient because it is a sensitive information and we don’t want to store it or you can chose any other field.
  • Also there is another field named serialVersionUID which is a Long variable and it should be defined for all the Java classes because if it is not and if in future we need to perform any changes in the class like variables, methods etc then we would never be able to deserialize an already serialized object.
    You can try it yourself by first serializing the object and then do some changes in your java class before deserializing it. You will get an error stating the change in SerialVersionUID which is generated automatically by the compiler.
  • Java的序列化机制是通过判断类的serialVersionUID来验证版本一致性的。在进行反序列化时,JVM会把传来的字节流中的serialVersionUID与本地相应实体类的serialVersionUID进行比较,如果相同就认为是一致的,可以进行反序列化,否则就会出现序列化版本不一致的异常。参考资料【3】java类中serialversionuid 作用 是什么?举个例子说明 https://www.cnblogs.com/duanxz/p/3511695.html 中有详细说明,示意图如下:


SERIALIZATIONUTIL.JAVA

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

package com.codingeek.serialization;

import java.io.BufferedInputStream;

import java.io.BufferedOutputStream;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.IOException;

import java.io.ObjectInputStream;

import java.io.ObjectOutputStream;

/**

 * This class is a utility class for performing the serialization and

 * deserialization operations provided the required information.

 *

 * @author hiteshgarg

 */

public class SerializationUtil {

    /**

     * deserialize to Object from given file. We use the general Object so as

     * that it can work for any Java Class.

     */

    public static Object deserialize(String fileName) throws IOException,

            ClassNotFoundException {

        FileInputStream fis = new FileInputStream(fileName);

        BufferedInputStream bis = new BufferedInputStream(fis);

        ObjectInputStream ois = new ObjectInputStream(bis);

        Object obj = ois.readObject();

        ois.close();

        return obj;

    }

    /**

     * serialize the given object and save it to given file

     */

    public static void serialize(Object obj, String fileName)

            throws IOException {

        FileOutputStream fos = new FileOutputStream(fileName);

        BufferedOutputStream bos = new BufferedOutputStream(fos);

        ObjectOutputStream oos = new ObjectOutputStream(bos);

        oos.writeObject(obj);

        oos.close();

    }

}

In the above Java utility class we have used

  • File Streams(For file related operations) which are wrapped in
  • Buffered Streams(for Speeding up the operations) which are finally wrapped into
  • Object Streams(for serialization and deserialization operations).
SERIALIZATIONTEST.JAVA

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

package com.codingeek.serialization;

import java.io.IOException;

public class SerializationTest {

    public static void main(String[] args) {

        User user = new User();

        user.setName("Hitesh");

        user.setUsername("Codingeek");

        user.setPassword("Garg");

        try {

            /**

             *  Serializing the object

             */

            SerializationUtil.serialize(user, "serialization.txt");

            /**

             * Deserializing the object

             */

            User newUser = (User) SerializationUtil.deserialize("serialization.txt");

            System.out.println(newUser.toString());

        } catch (IOException | ClassNotFoundException e) {

            e.printStackTrace();

        }

    }

}

 
Output:-
name : Hitesh
UserName : Codingeek
Password : null

Notice that the password value is null and it is because we have made it a transient field and hence it was not stored and at the time of deserialization a default value is assigned to this variable( which is obviously null).

Please comment to share your views, suggestions and to report any modification if required.

KEEP LEARNING. HAPPY LEARNING 

来源: https://www.codingeek.com/java/io/object-streams-serialization-deserialization-java-example-serializable-interface/

参考资料:

【1】OBJECT STREAMS – SERIALIZATION AND DESERIALIZATION IN JAVA EXAMPLE USING SERIALIZABLE INTERFACE

https://www.codingeek.com/java/io/object-streams-serialization-deserialization-java-example-serializable-interface/

【2】RandomAccess接口理解

https://blog.csdn.net/stick2it/article/details/53469910

【3】java类中serialversionuid 作用 是什么?举个例子说明

https://www.cnblogs.com/duanxz/p/3511695.html

原文地址:https://www.cnblogs.com/myitroad/p/8630632.html

时间: 2024-08-02 10:40:27

使用Serializable接口进行JAVA的序列化和反序列化的相关文章

Java的序列化与反序列化

Java序列化与反序列化是什么?为什么需要序列化与反序列化?如何实现Java序列化与反序列化?本文围绕这些问题进行了探讨. 1.Java序列化与反序列化 Java序列化是指把Java对象转换为字节序列的过程:而Java反序列化是指把字节序列恢复为Java对象的过程. 2.为什么需要序列化与反序列化 我们知道,当两个进程进行远程通信时,可以相互发送各种类型的数据,包括文本.图片.音频.视频等, 而这些数据都会以二进制序列的形式在网络上传送.那么当两个Java进程进行通信时,能否实现进程间的对象传送

Java对象序列化和反序列化

Java对象序列化和反序列化 在Java中,我们如果要保存一个对象的瞬时状态值,以便在下次使用时能够得到这些值,或者持久化对象,或者使用RMI(远程方法调用),或在网络中传递对象时,此时我们就需要将对象序列化,实现序列化,我们只要实现Serializable接口,该接口是一个标记接口(Tag interface),即里面没有方法,其主要作用就是告诉JVM该类的对象可以进行序列化. 一般来说,很多类的对象都实现了Serializable接口,但是,有些对象是不能进行序列化的,比如与数据库相关的连接

【转】Java对象序列化和反序列化

[转自]孤傲苍狼的Java基础学习总结——Java对象的序列化和反序列化 一.序列化和反序列化的概念 把对象转换为字节序列的过程称为对象的序列化. 把字节序列恢复为对象的过程称为对象的反序列化. 对象的序列化主要有两种用途: 1) 把对象的字节序列永久地保存到硬盘上,通常存放在一个文件中: 2) 在网络上传送对象的字节序列. 在很多应用中,需要对某些对象进行序列化,让它们离开内存空间,入住物理硬盘,以便长期保存.比如最常见的是Web服务器中的Session对 象,当有 10万用户并发访问,就有可

java 对象序列化与反序列化

Java序列化与反序列化是什么? 为什么需要序列化与反序列化? 如何实现Java序列化与反序列化? 本文围绕这些问题进行了探讨. 1.Java序列化与反序列化  Java序列化是指把Java对象转换为字节序列的过程: Java反序列化是指把字节序列恢复为Java对象的过程. 2.为什么需要序列化与反序列化 我们知道,当两个进程进行远程通信时,可以相互发送各种类型的数据,包括文本.图片.音频.视频等, 而这些数据都会以二进制序列的形式在网络上传送.那么当两个Java进程进行通信时,能否实现进程间的

Java对象序列化与反序列化

Java对象序列化与反序列化 对象序列化的目标是将对象保存在磁盘中或者在网络中进行传输.实现的机制是允许将对象转为与平台无关的二进制流. java中对象的序列化机制是将允许对象转为字节序列.这些字节序列可以使Java对象脱离程序存在,从而可以保存在磁盘上,也可以在网络间传输. 对象的序列化是将一个Java对象写入IO流:与此对应的,反序列化则是从IO流中恢复一个Java对象. 实现序列化 如果要将一个java对象序列化,那么对象的类需要是可序列化的.要让类可序列化,那么这个类需要实现如下两个接口

java对象序列化、反序列化

平时我们在Java内存中的对象,是无法进行IO操作或者网络通信的,因为在进行IO操作或者网络通信的时候,人家根本不知道内存中的对象是个什么东西,因此必须将对象以某种方式表示出来,即存储对象中的状态.一个Java对象的表示有各种各样的方式,Java本身也提供给了用户一种表示对象的方式,那就是序列化.换句话说,序列化只是表示对象的一种方式而已.OK,有了序列化,那么必然有反序列化,我们先看一下序列化.反序列化是什么意思. 序列化:将一个对象转换成一串二进制表示的字节数组,通过保存或转移这些字节数据来

java 的序列化和反序列化的问题

引言 将 Java 对象序列化为二进制文件的 Java 序列化技术是 Java 系列技术中一个较为重要的技术点,在大部分情况下,开发人员只需要了解被序列化的类需要实现 Serializable 接口,使用 ObjectInputStream 和 ObjectOutputStream 进行对象的读写.然而在有些情况下,光知道这些还远远不够,文章列举了笔者遇到的一些真实情境,它们与 Java 序列化相关,通过分析情境出现的原因,使读者轻松牢记 Java 序列化中的一些高级认识. 回页首 文章结构 本

深入分析Java的序列化与反序列化

阅读目录 Java对象的序列化如何对Java对象进行序列化与反序列化序列化及反序列化相关知识ArrayList的序列化ObjectOutputStream总结 序列化是一种对象持久化的手段.普遍应用在网络传输.RMI等场景中.本文通过分析ArrayList的序列化来介绍Java序列化的相关内容.主要涉及到以下几个问题: 怎么实现Java的序列化 为什么实现了java.io.Serializable接口才能被序列化 transient的作用是什么 怎么自定义序列化策略 自定义的序列化策略是如何被调

java 的序列化与反序列化

前言: 一直很不理解java的序列化的概念,为什么java对象的序列化要实现 Serializable的接口?或者要实现Externalizable的接口?而且Externalizable 的父类还是Serializable!并且Serializable接口中没有定义任何变量和方法! 而查找资料,资料中说 java JDK 中 java.io.ObjectOutputStream 与 java.io.ObjectInputStream 是 序列化API 那这里的序列化又是什么意思?查看 java