Serialization and Deserialization of Java Objects

  • First, create a class that implements the Serializable interface
    import java.io.Serializable;

    /**
     * A serializable Person object.
     * @author Ramer
     * Sep 18, 2016
     */
    public class SerializablePerson implements Serializable{
        private static final long serialVersionUID = 1L;
        private String name;
        private String alia;
        private Integer age;

        public SerializablePerson() {
        }

        public SerializablePerson(String name, String alia, Integer age) {
            this.name = name;
            this.alia = alia;
            this.age = age;
        }

        public Integer getAge() {
            return age;
        }

        public void setAge(Integer age) {
            this.age = age;
        }

        public void setAlia(String alia) {
            this.alia = alia;
        }

        public void setName(String name) {
            this.name = name;
        }

        public String getAlia() {
            return alia;
        }

        public String getName() {
            return name;
        }

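        /**
         * Called when the object is written during serialization; debug
         * ObjectOutputStream.writeObject to see the call.
         *
         * @param stream the stream
         * @throws IOException Signals that an I/O exception has occurred.
         */
        private void writeObject(java.io.ObjectOutputStream stream) throws java.io.IOException {
            // Simulate encrypting the age field (a bit shift only stands in for encryption)
            Integer original = age;
            age = age << 2;
            try {
                stream.defaultWriteObject();
            } finally {
                // Restore the in-memory value so that serializing does not alter the live object
                age = original;
            }
        }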

        /**
         * Called when the object is read during deserialization; debug
         * ObjectInputStream.readObject to see the call.
         *
         * @param stream the stream
         * @throws IOException Signals that an I/O exception has occurred.
         * @throws ClassNotFoundException the class not found exception
         */
        private void readObject(java.io.ObjectInputStream stream) throws java.io.IOException, ClassNotFoundException {
            stream.defaultReadObject();
            // Decrypt the age field
            age = age >> 2;
        }

        @Override
        public String toString() {
            return "Person [name=" + name + ", alia=" + alia + ", age=" + age + "]";
        }
    }

  • Serialize the object to a local file
    import java.io.FileOutputStream;
    import java.io.ObjectOutputStream;

    public void serializationTest() {
        String file = "testSrc/person.ser";
        SerializablePerson person = new SerializablePerson("ramer", "feng", 4);
        // try-with-resources closes both streams even if writeObject() throws
        try (FileOutputStream out = new FileOutputStream(file);
             ObjectOutputStream objectOutputStream = new ObjectOutputStream(out)) {
            objectOutputStream.writeObject(person);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

  • Deserialize the object from the specified file
    import java.io.FileInputStream;
    import java.io.ObjectInputStream;

    public void deserializationTest() {
        String file = "testSrc/person.ser";
        try (FileInputStream in = new FileInputStream(file);
             ObjectInputStream objectInputStream = new ObjectInputStream(in)) {
            // readObject() invokes SerializablePerson.readObject(), which restores age
            SerializablePerson person = (SerializablePerson) objectInputStream.readObject();
            System.out.println("name: " + person.getName());
            System.out.println("alia: " + person.getAlia());
            System.out.println("age: " + person.getAge());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

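  • When the object is serialized, that is, when objectOutputStream.writeObject() is called, the instance's own writeObject() method is invoked. In that method you can encrypt certain sensitive fields (age in this example).
    Note: the writeObject() and readObject() signatures on the class being serialized must match the ones I show above exactly; otherwise the encryption will not take effect.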
  • Reposted from http://blog.csdn.net/u011699931/article/details/52587647
posted @ 2017-04-09 10:20  时光孤岛