Java反序列化测试

前言：有没有想过，如何将对象进行“加密”后写入磁盘？序列化帮你实现！

1.概念

序列化 (Serialization)将对象的状态信息转换为可以存储或传输的形式的过程。在序列化期间，对象将其当前状态写入到临时或持久性存储区。以后，可以通过从存储区中读取或反序列化对象的状态，重新创建该对象.

2.反序列化Java实验

--测试的实体类--

package exercise;

import java.io.Serializable;

public class Person implements Serializable{
private String name;
private int age;

public Person() {
}

public String getName() {
return name;
}

public void setName(String name) {
this.name = name;
}

public int getAge() {
return age;
}

public void setAge(int age) {
this.age = age;
}

public Person(String name, int age) {
super();
this.name = name;
this.age = age;
}

}

1)单对象序列化

package exercise;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.List;

public class ObjectStreamDemo1 {
/**
* @param args
* @throws IOException
* @throws ClassNotFoundException
*/

public final static String PATH = "obj.object1";

public static void main(String[] args) throws IOException,
ClassNotFoundException {
//writeObj();
readObj();
System.out.println("--End--");
}

public static void readObj() throws IOException, ClassNotFoundException {
ObjectInputStream ois = new ObjectInputStream(new FileInputStream(
PATH));

Person p  = (Person)ois.readObject();
System.out.println(p.getName() + "|" + p.getAge());

}

public static void writeObj() throws IOException {
ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(
PATH));

oos.writeObject(new Person("张三", 30));
oos.close();
}
}

结果显示


2)多对象序列化

package exercise;

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.util.ArrayList;
import java.util.List;

public class ObjectStreamDemo2 {
/**
* @param args
* @throws IOException
* @throws ClassNotFoundException
*/
public final static String PATH = "obj.object";
public static void main(String[] args) throws IOException,
ClassNotFoundException {

//writeObj();
readObj();
System.out.println("---end!---");
}

public static void readObj() throws IOException, ClassNotFoundException {
ObjectInputStream ois = new ObjectInputStream(new FileInputStream(
PATH));

List<Person> persons  = (List<Person>)ois.readObject();
for(Person p:persons){
System.out.println(p.getName() + "|" + p.getAge());
}
}

public static void writeObj() throws IOException {
ObjectOutputStream oos = new ObjectOutputStream(new FileOutputStream(
PATH));

List<Person> persons = new ArrayList<Person>();
Person p1 = new Person("张三",18);
Person p2 = new Person("李四",19);
persons.add(p1);
persons.add(p2);
oos.writeObject(persons);
oos.close();
}
}

结果显示



注意：

·实体类必须实现序列化接口“java.io.Serializable”

·生成的obj.object 因为是二进制文件，故无法正常打开，若notepad打开也是乱码！



总结：序列化技术在web端技术的应用相当重要，希望学习Java的朋友都能理解该技术并进行应用。