T
- The class to serialize, see Serializable
public class ObjectRepresentation<T extends Serializable> extends OutputRepresentation
ObjectInputStream
and ObjectOutputStream
classes. In this
case, it handles representations having the following media type:
MediaType.APPLICATION_JAVA_OBJECT
("application/x-java-serialized-object"). It also supports textual
representations of JavaBeans using the XMLEncoder
and
XMLDecoder
classes. In this case, it handles representations having
the following media type: MediaType.APPLICATION_JAVA_OBJECT_XML
("application/x-java-serialized-object+xml").XMLDecoder
when deserializing XML
presentations from unstrusted sources can lead to malicious attacks. As
pointed here, the XMLDecoder
is able to force the JVM to execute
unwanted Java code described inside the XML file. Thus, the support of such
format has been disactivated by default. You can activate this support by
turning on the following system property:
org.restlet.representation.ObjectRepresentation.VARIANT_OBJECT_XML_SUPPORTED.ObjectInputStream
when deserializing
binary presentations from unstrusted sources can lead to malicious attacks.
As pointed here, the ObjectInputStream
is able to force the JVM to execute
unwanted Java code. Thus, the support of such format has been disactivated by
default. You can activate this support by turning on the following system
property: org.restlet.representation.ObjectRepresentation
.VARIANT_OBJECT_BINARY_SUPPORTED.Modifier and Type | Field and Description |
---|---|
static boolean |
VARIANT_OBJECT_BINARY_SUPPORTED
Indicates whether the JavaBeans binary deserialization is supported or
not.
|
static boolean |
VARIANT_OBJECT_XML_SUPPORTED
Indicates whether the JavaBeans XML deserialization is supported or not.
|
UNKNOWN_SIZE
Constructor and Description |
---|
ObjectRepresentation(Representation serializedRepresentation)
Constructor reading the object from a serialized representation.
|
ObjectRepresentation(Representation serializedRepresentation,
ClassLoader classLoader)
Constructor reading the object from a serialized representation.
|
ObjectRepresentation(T object)
Constructor for the
MediaType.APPLICATION_JAVA_OBJECT type. |
ObjectRepresentation(T object,
MediaType mediaType)
Constructor for either the
MediaType.APPLICATION_JAVA_OBJECT type
or the MediaType.APPLICATION_XML type. |
Modifier and Type | Method and Description |
---|---|
T |
getObject()
Returns the represented object.
|
void |
release()
Releases the represented object.
|
void |
setObject(T object)
Sets the represented object.
|
void |
write(OutputStream outputStream)
Writes the representation to a byte stream.
|
getChannel, getStream
getReader, write, write
append, exhaust, getAvailableSize, getDigest, getDisposition, getExpirationDate, getRange, getRegistration, getSize, getText, hasKnownSize, isAvailable, isEmpty, isSelectable, isTransient, setAvailable, setDigest, setDisposition, setExpirationDate, setListener, setRange, setSize, setTransient
getModificationDate, getTag, setModificationDate, setTag
createClientInfo, equals, getCharacterSet, getEncodings, getLanguages, getLocationRef, getMediaType, includes, isCompatible, setCharacterSet, setEncodings, setLanguages, setLocationRef, setLocationRef, setMediaType, toString
public static final boolean VARIANT_OBJECT_XML_SUPPORTED
public static final boolean VARIANT_OBJECT_BINARY_SUPPORTED
public ObjectRepresentation(Representation serializedRepresentation) throws IOException, ClassNotFoundException, IllegalArgumentException
serializedRepresentation
- The serialized representation.IOException
ClassNotFoundException
IllegalArgumentException
public ObjectRepresentation(Representation serializedRepresentation, ClassLoader classLoader) throws IOException, ClassNotFoundException, IllegalArgumentException
serializedRepresentation
- The serialized representation.classLoader
- The class loader used to read the object.IOException
ClassNotFoundException
IllegalArgumentException
public ObjectRepresentation(T object)
MediaType.APPLICATION_JAVA_OBJECT
type.object
- The serializable object.public ObjectRepresentation(T object, MediaType mediaType)
MediaType.APPLICATION_JAVA_OBJECT
type
or the MediaType.APPLICATION_XML
type. In the first case, the
Java Object Serialization mechanism is used, based on
ObjectOutputStream
. In the latter case, the JavaBeans XML
serialization is used, based on XMLEncoder
.object
- The serializable object.mediaType
- The media type.public T getObject() throws IOException
IOException
public void release()
release
in class Representation
public void setObject(T object)
object
- The represented object.public void write(OutputStream outputStream) throws IOException
Representation
OutputStream
after writing to it as this will be handled by
the Restlet connectors automatically.write
in class Representation
outputStream
- The output stream.IOException
Copyright © 2005–2014. All rights reserved.