Java Object Serialization Specification
1
System Architecture
- 1.1 Overview
- 1.2 Writing to an Object Stream
- 1.3 Reading from an Object Stream
- 1.4 Object Streams as Containers
- 1.5 Defining Serializable Fields for a Class
- 1.6 Documenting Serializable Fields and Data for a Class
- 1.7 Accessing Serializable Fields of a Class
- 1.8 The ObjectOutput Interface
- 1.9 The ObjectInput Interface
- 1.10 The Serializable Interface
- 1.11 The Externalizable Interface
- 1.12 Protecting Sensitive Information
2
Object Output Classes
- 2.1 The ObjectOutputStream Class
- 2.2 The ObjectOutputStream.PutField Class
- 2.3 The writeObject Method
- 2.4 The writeExternal Method
- 2.5 The writeReplace Method
- 2.6 The useProtocolVersion Method
3 Object Input Classes
- 3.1 The ObjectInputStream Class
- 3.2 The ObjectInputStream.GetField Class
- 3.3 The ObjectInputValidation Interface
- 3.4 The readObject Method
- 3.5 The readObjectNoData Method
- 3.6 The readExternal Method
- 3.7 The readResolve Method
4 Class Descriptors
- 4.1 The ObjectStreamClass Class
- 4.2 Dynamic Proxy Class Descriptors
- 4.3 Serialized Form
- 4.4 The ObjectStreamField Class
- 4.5 Inspecting Serializable Classes
- 4.6 Stream Unique Indentifiers
5 Versioning of Serializable Objects
- 5.1 Overview
- 5.2 Goals
- 5.3 Assumptions
- 5.4 Who's Responsible for Versioning of Streams
- 5.5 Compatible Java Type Evolution
- 5.6 Type Changes Affecting Serialization
6 Object Serialization Stream Protocol
- 6.1 Overview
- 6.2 Stream Elements
- 6.3 Stream Protocol Versions
- 6.4 Grammar for the Stream Format
A Security in Object Serialization
- A.1 Overview
- A.2 Design Goals
- A.3 Security Issues
- A.4 Preventing Serialization of Sensitive Data
- A.5 Writing Class-Specific Serializing Methods
- A.6 Guarding Unshared Deserialized Objects
- A.7 Preventing Overwriting of Externalizable Objects
- A.8 Encrypting a Bytestream
B Exceptions In Object Serialization
C Example of Serializable Fields
- C.1 Example Alternate Implementation of java.io.File
CONTENTS | PREV
| NEXT