public final class CustomObjectInputStream extends ObjectInputStream
ObjectInputStream that loads from the
class loader for this web application. This allows classes defined only
with the web application to be found correctly.ObjectInputStream.GetFieldbaseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING| Constructor and Description |
|---|
CustomObjectInputStream(InputStream stream,
ClassLoader classLoader)
Construct a new instance of CustomObjectInputStream without any filtering
of deserialized classes.
|
CustomObjectInputStream(InputStream stream,
ClassLoader classLoader,
Log log,
Pattern allowedClassNamePattern,
boolean warnOnFailure)
Construct a new instance of CustomObjectInputStream with filtering of
deserialized classes.
|
| Modifier and Type | Method and Description |
|---|---|
Class<?> |
resolveClass(ObjectStreamClass classDesc)
Load the local class equivalent of the specified stream class
description, by using the class loader assigned to this Context.
|
protected Class<?> |
resolveProxyClass(String[] interfaces)
Return a proxy class that implements the interfaces named in a proxy
class descriptor.
|
available, close, defaultReadObject, enableResolveObject, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, skipBytesmark, markSupported, read, reset, skipclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitread, skippublic CustomObjectInputStream(InputStream stream, ClassLoader classLoader) throws IOException
stream - The input stream we will read fromclassLoader - The class loader used to instantiate objectsIOException - if an input/output error occurspublic CustomObjectInputStream(InputStream stream, ClassLoader classLoader, Log log, Pattern allowedClassNamePattern, boolean warnOnFailure) throws IOException
stream - The input stream we will read fromclassLoader - The class loader used to instantiate objectslog - The logger to use to report any issues. It may only be null if
the filterMode does not require loggingallowedClassNamePattern - The regular expression to use to filter
deserialized classes. The fully qualified
class name must match this pattern for
deserialization to be allowed if filtering
is enabled.warnOnFailure - Should any failures be logged?IOException - if an input/output error occurspublic Class<?> resolveClass(ObjectStreamClass classDesc) throws ClassNotFoundException, IOException
resolveClass in class ObjectInputStreamclassDesc - Class description from the input streamClassNotFoundException - if this class cannot be foundIOException - if an input/output error occursprotected Class<?> resolveProxyClass(String[] interfaces) throws IOException, ClassNotFoundException
resolveProxyClass in class ObjectInputStreamIOExceptionClassNotFoundExceptionCopyright © 2000-2016 Apache Software Foundation. All Rights Reserved.