“对象序列化”是什么意思?你能举例解释一下吗?
当前回答
我喜欢@OscarRyz的礼物方式。虽然在这里我是在继续这个最初由@amitgupta写的连载故事。
即使知道机器人的类结构和序列化的数据,地球的科学家也不能反序列化的数据,可以使机器人工作。
Exception in thread "main" java.io.InvalidClassException:
SerializeMe; local class incompatible: stream classdesc
:
火星的科学家们正在等待全额付款。一旦付款完成,火星的科学家与地球的科学家分享了序列号。地球科学家把它设置成机器人级别,一切都好了。
其他回答
序列化一个类:将一个对象转换为字节和字节返回到对象(反序列化)。
class NamCls implements Serializable
{
int NumVar;
String NamVar;
}
对象序列化是将对象的状态转换为字节蒸汽的过程。
|->当您希望对象在JVM生命周期之外仍然存在时实现。 |->序列化对象可以存储在数据库中。 |->可序列化对象不能被人类读取和理解,因此我们可以实现安全性。
对象-反序列化是获取对象状态并将其存储到对象(java.lang.Object)的过程。
|->在存储它的状态之前,它检查serialVersionUID表单input-file/network和.class文件serialVersionUID是否相同。 如果不抛出java.io.InvalidClassException。
一个Java对象只有在它的类或它的任何超类时才是可序列化的
实现java.io.Serializable接口或 它的子接口java.io.Externalizable。
|=>类中的静态字段不支持序列化。
class NamCls implements Serializable
{
int NumVar;
static String NamVar = "I won't be serializable";;
}
如果你不想序列化一个类的变量,使用transient关键字
class NamCls implements Serializable
{
int NumVar;
transient String NamVar;
}
如果一个类实现了可序列化,那么它的所有子类也都是可序列化的。
|=>如果一个类有另一个类的引用,所有的引用必须是Serializable,否则序列化过程将不会执行。在这种情况下,NotSerializableException将在运行时抛出。
Serialization is the process of saving an object in a storage medium (such as a file, or a memory buffer) or to transmit it over a network connection in binary form. The serialized objects are JVM independent and can be re-serialized by any JVM. In this case the "in memory" java objects state are converted into a byte stream. This type of the file can not be understood by the user. It is a special types of object i.e. reused by the JVM (Java Virtual Machine). This process of serializing an object is also called deflating or marshalling an object.
要序列化的对象必须实现java.io.Serializable Interface。 对象的默认序列化机制写入对象的类、类签名以及所有非瞬态和非静态字段的值。
class ObjectOutputStream extends java.io.OutputStream implements ObjectOutput,
ObjectOutput接口扩展了DataOutput接口,并添加了用于序列化对象和向文件写入字节的方法。ObjectOutputStream扩展了java.io.OutputStream并实现了ObjectOutput接口。它将对象、数组和其他值序列化到流中。因此ObjectOutputStream的构造函数被写成:
ObjectOutput ObjOut = new ObjectOutputStream(new FileOutputStream(f));
上面的代码已用于使用ObjectOutputStream()构造函数创建ObjectOutput类的实例,该构造函数将FileOuputStream的实例作为参数。
ObjectOutput接口用于实现ObjectOutputStream类。构造ObjectOutputStream是为了序列化对象。
在java中反序列化对象
与序列化相反的操作称为反序列化,即从一系列字节中提取数据称为反序列化,也称为膨胀或解组。
ObjectInputStream扩展了java.io.InputStream,实现了ObjectInput接口。它反序列化来自输入流的对象、数组和其他值。因此ObjectInputStream的构造函数被写成:
ObjectInputStream obj = new ObjectInputStream(new FileInputStream(f));
上面的程序代码创建了ObjectInputStream类的实例,以反序列化已被ObjectInputStream类序列化的文件。上面的代码使用FileInputStream类的实例创建实例,FileInputStream类包含必须反序列化的指定文件对象,因为ObjectInputStream()构造函数需要输入流。
我在自己的博客上说:
下面是关于序列化的详细解释:(我自己的博客)
序列化:
序列化是持久化对象状态的过程。它以字节序列的形式表示和存储。这可以存储在一个文件中。从文件中读取对象状态并恢复它的过程称为反序列化。
序列化的需求是什么?
In modern day architecture, there is always a need to store object state and then retrieve it. For example in Hibernate, to store a object we should make the class Serializable. What it does, is that once the object state is saved in the form of bytes it can be transferred to another system which can then read from the state and retrieve the class. The object state can come from a database or a different jvm or from a separate component. With the help of Serialization we can retrieve the Object state.
代码示例及说明:
首先让我们来看看Item Class:
public class Item implements Serializable{
/**
* This is the Serializable class
*/
private static final long serialVersionUID = 475918891428093041L;
private Long itemId;
private String itemName;
private transient Double itemCostPrice;
public Item(Long itemId, String itemName, Double itemCostPrice) {
super();
this.itemId = itemId;
this.itemName = itemName;
this.itemCostPrice = itemCostPrice;
}
public Long getItemId() {
return itemId;
}
@Override
public String toString() {
return "Item [itemId=" + itemId + ", itemName=" + itemName + ", itemCostPrice=" + itemCostPrice + "]";
}
public void setItemId(Long itemId) {
this.itemId = itemId;
}
public String getItemName() {
return itemName;
}
public void setItemName(String itemName) {
this.itemName = itemName;
}
public Double getItemCostPrice() {
return itemCostPrice;
}
public void setItemCostPrice(Double itemCostPrice) {
this.itemCostPrice = itemCostPrice;
}
}
在上面的代码中,可以看到Item类实现了Serializable。
这是使类可序列化的接口。
现在我们可以看到一个名为serialVersionUID的变量被初始化为Long变量。这个数字是由编译器根据类的状态和类属性计算出来的。这个数字将帮助jvm在从文件中读取对象的状态时识别对象的状态。
为此,我们可以看看官方的Oracle文档:
The serialization runtime associates with each serializable class a version number, called a serialVersionUID, which is used during deserialization to verify that the sender and receiver of a serialized object have loaded classes for that object that are compatible with respect to serialization. If the receiver has loaded a class for the object that has a different serialVersionUID than that of the corresponding sender's class, then deserialization will result in an InvalidClassException. A serializable class can declare its own serialVersionUID explicitly by declaring a field named "serialVersionUID" that must be static, final, and of type long: ANY-ACCESS-MODIFIER static final long serialVersionUID = 42L; If a serializable class does not explicitly declare a serialVersionUID, then the serialization runtime will calculate a default serialVersionUID value for that class based on various aspects of the class, as described in the Java(TM) Object Serialization Specification. However, it is strongly recommended that all serializable classes explicitly declare serialVersionUID values, since the default serialVersionUID computation is highly sensitive to class details that may vary depending on compiler implementations, and can thus result in unexpected InvalidClassExceptions during deserialization. Therefore, to guarantee a consistent serialVersionUID value across different java compiler implementations, a serializable class must declare an explicit serialVersionUID value. It is also strongly advised that explicit serialVersionUID declarations use the private modifier where possible, since such declarations apply only to the immediately declaring class--serialVersionUID fields are not useful as inherited members.
如果你注意到我们使用的另一个关键字是瞬态的。
如果字段不可序列化,则必须将其标记为transient。这里我们将itemCostPrice标记为transient,不希望将其写入文件中
现在让我们看看如何在文件中写入对象的状态,然后从那里读取它。
public class SerializationExample {
public static void main(String[] args){
serialize();
deserialize();
}
public static void serialize(){
Item item = new Item(1L,"Pen", 12.55);
System.out.println("Before Serialization" + item);
FileOutputStream fileOut;
try {
fileOut = new FileOutputStream("/tmp/item.ser");
ObjectOutputStream out = new ObjectOutputStream(fileOut);
out.writeObject(item);
out.close();
fileOut.close();
System.out.println("Serialized data is saved in /tmp/item.ser");
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
public static void deserialize(){
Item item;
try {
FileInputStream fileIn = new FileInputStream("/tmp/item.ser");
ObjectInputStream in = new ObjectInputStream(fileIn);
item = (Item) in.readObject();
System.out.println("Serialized data is read from /tmp/item.ser");
System.out.println("After Deserialization" + item);
} catch (FileNotFoundException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (ClassNotFoundException e) {
e.printStackTrace();
}
}
}
在上面的例子中,我们可以看到一个对象的序列化和反序列化。
为此我们使用了两个类。为了序列化对象,我们使用了ObjectOutputStream。我们已经使用writeObject方法将对象写入文件。
对于反序列化,我们使用ObjectInputStream从文件中读取对象。它使用readObject从文件中读取对象数据。
上述代码的输出如下所示:
Before SerializationItem [itemId=1, itemName=Pen, itemCostPrice=12.55]
Serialized data is saved in /tmp/item.ser
After DeserializationItem [itemId=1, itemName=Pen, itemCostPrice=null]
注意,来自反序列化对象的itemCostPrice是空的,因为它没有被写入。
在本文的第一部分中,我们已经讨论了Java序列化的基础知识。
现在让我们深入讨论它以及它是如何工作的。
首先让我们从serialversionuid开始。
serialVersionUID用作Serializable类中的版本控制。
如果您没有显式地声明serialVersionUID, JVM将根据Serializable类的各种属性自动为您声明。
Java的计算serialversionuid的算法(在这里阅读更多细节)
The class name. The class modifiers written as a 32-bit integer. The name of each interface sorted by name. For each field of the class sorted by field name (except private static and private transient fields: The name of the field. The modifiers of the field written as a 32-bit integer. The descriptor of the field. If a class initializer exists, write out the following: The name of the method, . The modifier of the method, java.lang.reflect.Modifier.STATIC, written as a 32-bit integer. The descriptor of the method, ()V. For each non-private constructor sorted by method name and signature: The name of the method, . The modifiers of the method written as a 32-bit integer. The descriptor of the method. For each non-private method sorted by method name and signature: The name of the method. The modifiers of the method written as a 32-bit integer. The descriptor of the method. The SHA-1 algorithm is executed on the stream of bytes produced by DataOutputStream and produces five 32-bit values sha[0..4]. The hash value is assembled from the first and second 32-bit values of the SHA-1 message digest. If the result of the message digest, the five 32-bit words H0 H1 H2 H3 H4, is in an array of five int values named sha, the hash value would be computed as follows:
long hash = ((sha[0] >>> 24) & 0xFF) |
> ((sha[0] >>> 16) & 0xFF) << 8 |
> ((sha[0] >>> 8) & 0xFF) << 16 |
> ((sha[0] >>> 0) & 0xFF) << 24 |
> ((sha[1] >>> 24) & 0xFF) << 32 |
> ((sha[1] >>> 16) & 0xFF) << 40 |
> ((sha[1] >>> 8) & 0xFF) << 48 |
> ((sha[1] >>> 0) & 0xFF) << 56;
Java的序列化算法
The algorithm to serialize an object is described as below: 1. It writes out the metadata of the class associated with an instance. 2. It recursively writes out the description of the superclass until it finds java.lang.object. 3. Once it finishes writing the metadata information, it then starts with the actual data associated with the instance. But this time, it starts from the topmost superclass. 4. It recursively writes the data associated with the instance, starting from the least superclass to the most-derived class.
要记住的事情:
Static fields in a class cannot be serialized. public class A implements Serializable{ String s; static String staticString = "I won't be serializable"; } If the serialversionuid is different in the read class it will throw a InvalidClassException exception. If a class implements serializable then all its sub classes will also be serializable. public class A implements Serializable {....}; public class B extends A{...} //also Serializable If a class has a reference of another class, all the references must be Serializable otherwise serialization process will not be performed. In such case, NotSerializableException is thrown at runtime.
Eg:
public class B{
String s,
A a; // class A needs to be serializable i.e. it must implement Serializable
}
您可以将序列化看作是将对象实例转换为字节序列的过程(根据实现的不同,字节序列可能是二进制的,也可能不是)。
当您希望通过网络传输一个对象数据时(例如从一个JVM传输到另一个JVM),它非常有用。
在Java中,序列化机制内置于平台中,但您需要实现Serializable接口以使对象可序列化。
还可以通过将属性标记为transient来防止对象中的某些数据被序列化。
最后,您可以覆盖默认机制,并提供您自己的;这可能适用于某些特殊情况。为此,您需要使用java中的一个隐藏特性。
重要的是要注意,被序列化的是对象的“值”或内容,而不是类定义。因此方法不是序列化的。
下面是一个非常基本的示例,带有注释,以方便阅读:
import java.io.*;
import java.util.*;
// This class implements "Serializable" to let the system know
// it's ok to do it. You as programmer are aware of that.
public class SerializationSample implements Serializable {
// These attributes conform the "value" of the object.
// These two will be serialized;
private String aString = "The value of that string";
private int someInteger = 0;
// But this won't since it is marked as transient.
private transient List<File> unInterestingLongLongList;
// Main method to test.
public static void main( String [] args ) throws IOException {
// Create a sample object, that contains the default values.
SerializationSample instance = new SerializationSample();
// The "ObjectOutputStream" class has the default
// definition to serialize an object.
ObjectOutputStream oos = new ObjectOutputStream(
// By using "FileOutputStream" we will
// Write it to a File in the file system
// It could have been a Socket to another
// machine, a database, an in memory array, etc.
new FileOutputStream(new File("o.ser")));
// do the magic
oos.writeObject( instance );
// close the writing.
oos.close();
}
}
当我们运行这个程序时,文件“o.ser”被创建,我们可以看到后面发生了什么。
如果我们将:someInteger的值更改为,例如Integer。MAX_VALUE,我们可以比较输出,看看有什么不同。
下面的截图正好显示了这种差异:
你能看出区别吗?;)
在Java序列化中还有一个额外的相关字段:serialversionUID,但我想这已经太长了,无法涵盖它。
我喜欢@OscarRyz的礼物方式。虽然在这里我是在继续这个最初由@amitgupta写的连载故事。
即使知道机器人的类结构和序列化的数据,地球的科学家也不能反序列化的数据,可以使机器人工作。
Exception in thread "main" java.io.InvalidClassException:
SerializeMe; local class incompatible: stream classdesc
:
火星的科学家们正在等待全额付款。一旦付款完成,火星的科学家与地球的科学家分享了序列号。地球科学家把它设置成机器人级别,一切都好了。
推荐文章
- 在流中使用Java 8 foreach循环移动到下一项
- 访问限制:'Application'类型不是API(必需库rt.jar的限制)
- 用Java计算两个日期之间的天数
- 如何配置slf4j-simple
- 在Jar文件中运行类
- 带参数的可运行?
- 我如何得到一个字符串的前n个字符而不检查大小或出界?
- 我可以在Java中设置enum起始值吗?
- Java中的回调函数
- c#和Java中的泛型有什么不同?和模板在c++ ?
- 在Java中,流相对于循环的优势是什么?
- Jersey在未找到InjectionManagerFactory时停止工作
- 在Java流是peek真的只是调试?
- Recyclerview不调用onCreateViewHolder
- 将JSON字符串转换为HashMap
