Usage analysis of transient keywords in Java
- 2020-04-01 03:39:59
- OfStack
This article analyzes the usage of transient keywords in Java as an example. Share with you for your reference. Specific analysis is as follows:
One feature of Java is serialization, which simply means that you can store the class in a physical space (as a file, of course) so that when you restore the file locally, you can convert it to itself. This can greatly convenient some operations on the network, but at the same time, because involves the security problem, so do not want to store class all things can be through the serialization (because of that, people can know the content of the class), then we can use the keyword transient, its meaning is temporary and that will not be serialized with class to the local, so after the reduction, the key variables defined also ceases to exist.
Usually, we write programs require specific information can persist or saved to disk, to be used by a program or use another run on the same program. This persistence can be done in several ways, including written to a database or using JAVA object serialization support. No matter what method we choose, the durability of the class instance is accomplished by saving domain of class status, save the state, so that they can later be access or use them to create an instance of the same. However, could not all of the domain needs to be saved. When an instance is persisted, If some of its internal domains do not require persistence, the trainsient modifier can be used to tell the compiler that the specified domain does not need to be persisted.
First, let's look at some Java serialization code:
public class LoggingInfo implements java.io.Serializable
{
private Date loggingDate = new Date();
private String uid;
private transient String pwd;
LoggingInfo(String user, String password)
{
uid = user;
pwd = password;
}
public String toString()
{
String password=null;
if(pwd == null)
{
password = "NOT SET";
}
else
{
password = pwd;
}
return "logon info: /n " + "user: " + uid +
"/n logging date : " + loggingDate.toString() +
"/n password: " + password;
}
}Now we create an instance of this class, serialize it, and write the serialized object to disk.
LoggingInfo logInfo = new LoggingInfo("MIKE", "MECHANICS");
System.out.println(logInfo.toString());
try
{
ObjectOutputStream o = new ObjectOutputStream(
new FileOutputStream("logInfo.out"));
o.writeObject(logInfo);
o.close();
}
catch(Exception e) {//deal with exception}
To read the object back, we can write
try
{
ObjectInputStream in =new ObjectInputStream(
new FileInputStream("logInfo.out"));
LoggingInfo logInfo = (LoggingInfo)in.readObject();
System.out.println(logInfo.toString());
}
catch(Exception e) {//deal with exception}If we run this code, we'll notice that the object read back from disk (read -- back (de-serializing)) prints the password as "NOT SET". This is the correct result we expected when we defined the PWD field as transient.
Now, let's look at the potential problems that can arise from careless treatment of transient domains. Suppose we modify the class definition and provide a default value for the transient field. The code is as follows:
public class GuestLoggingInfo implements java.io.Serializable
{
private Date loggingDate = new Date();
private String uid;
private transient String pwd;
GuestLoggingInfo()
{
uid = "guest";
pwd = "guest";
}
public String toString()
{
//same as above
}
}
Now, if we traverse an instance of GuestLoggingInfo, write it to disk, and then read it from disk, we still see that the readback object print password is "NOT SET".
When an instance of a class is read from disk, the constructor for that class is not actually executed,
Instead, the persistent state of an object of that class is loaded and assigned to another object of that class.
I hope this article has been helpful to your Java programming.