Package org.restlet.representation
Class ObjectRepresentation<T extends Serializable>
java.lang.Object
org.restlet.representation.Variant
org.restlet.representation.RepresentationInfo
org.restlet.representation.Representation
org.restlet.representation.StreamRepresentation
org.restlet.representation.OutputRepresentation
org.restlet.representation.ObjectRepresentation<T>
- Type Parameters:
T- The class to serialize, seeSerializable
Representation based on a serializable Java object.
It supports binary representations of JavaBeans using the
SECURITY WARNING: The usage of
SECURITY WARNING: The usage of
It supports binary representations of JavaBeans using the
ObjectInputStream and ObjectOutputStream classes. In this
case, it handles representations having the following media type:
MediaType.APPLICATION_JAVA_OBJECT
("application/x-java-serialized-object"). It also supports textual
representations of JavaBeans using the XMLEncoder and
XMLDecoder classes. In this case, it handles
representations having the following media type:
MediaType.APPLICATION_JAVA_OBJECT_XML
("application/x-java-serialized-object+xml").SECURITY WARNING: The usage of
XMLDecoder when
deserializing XML presentations from untrusted sources can lead to malicious
attacks. As pointed here, the XMLDecoder is able to force the JVM to
execute unwanted Java code described inside the XML file. Thus, the support
of such format has been disabled by default. You can activate this support by
turning on the following system property:
org.restlet.representation.ObjectRepresentation.VARIANT_OBJECT_XML_SUPPORTED.SECURITY WARNING: The usage of
ObjectInputStream when deserializing
binary presentations from untrusted sources can lead to malicious attacks. As
pointed
here, the ObjectInputStream is able to force the JVM to execute
unwanted Java code. Thus, the support of such format has been disabled by
default. You can activate this support by turning on the following system
property: "org.restlet.representation.ObjectRepresentation
.VARIANT_OBJECT_BINARY_SUPPORTED".- Author:
- Jerome Louvel
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic booleanIndicates whether the JavaBeans binary deserialization is supported or not.static booleanIndicates whether the JavaBeans XML deserialization is supported or not.Fields inherited from class org.restlet.representation.Representation
UNKNOWN_SIZE -
Constructor Summary
ConstructorsConstructorDescriptionObjectRepresentation(Representation serializedRepresentation) Constructor reading the object from a serialized representation.ObjectRepresentation(Representation serializedRepresentation, ClassLoader classLoader) Constructor reading the object from a serialized representation.ObjectRepresentation(Representation serializedRepresentation, ClassLoader classLoader, boolean variantObjectBinarySupported, boolean variantObjectXmlSupported) Constructor reading the object from a serialized representation.ObjectRepresentation(T object) Constructor for theMediaType.APPLICATION_JAVA_OBJECTtype.ObjectRepresentation(T object, MediaType mediaType) Constructor for either theMediaType.APPLICATION_JAVA_OBJECTtype or theMediaType.APPLICATION_XMLtype. -
Method Summary
Methods inherited from class org.restlet.representation.OutputRepresentation
getStreamMethods inherited from class org.restlet.representation.StreamRepresentation
getReader, writeMethods inherited from class org.restlet.representation.Representation
append, exhaust, getAvailableSize, getDigest, getDisposition, getExpirationDate, getRange, getSize, getText, hasKnownSize, isAvailable, isEmpty, isTransient, setAvailable, setDigest, setDisposition, setExpirationDate, setRange, setSize, setTransientMethods inherited from class org.restlet.representation.RepresentationInfo
getModificationDate, getTag, setModificationDate, setTagMethods inherited from class org.restlet.representation.Variant
createClientInfo, equals, getCharacterSet, getEncodings, getLanguages, getLocationRef, getMediaType, hashCode, includes, isCompatible, setCharacterSet, setEncodings, setLanguages, setLocationRef, setLocationRef, setMediaType, toString
-
Field Details
-
VARIANT_OBJECT_XML_SUPPORTED
public static boolean VARIANT_OBJECT_XML_SUPPORTEDIndicates whether the JavaBeans XML deserialization is supported or not. -
VARIANT_OBJECT_BINARY_SUPPORTED
public static boolean VARIANT_OBJECT_BINARY_SUPPORTEDIndicates whether the JavaBeans binary deserialization is supported or not.
-
-
Constructor Details
-
ObjectRepresentation
public ObjectRepresentation(Representation serializedRepresentation) throws IOException, ClassNotFoundException, IllegalArgumentException Constructor reading the object from a serialized representation. This representation must have the proper media type: "application/x-java-serialized-object".- Parameters:
serializedRepresentation- The serialized representation.- Throws:
IOExceptionClassNotFoundExceptionIllegalArgumentException
-
ObjectRepresentation
public ObjectRepresentation(Representation serializedRepresentation, ClassLoader classLoader) throws IOException, ClassNotFoundException, IllegalArgumentException Constructor reading the object from a serialized representation. This representation must have the proper media type: "application/x-java-serialized-object".- Parameters:
serializedRepresentation- The serialized representation.classLoader- The class loader used to read the object.- Throws:
IOExceptionClassNotFoundExceptionIllegalArgumentException
-
ObjectRepresentation
public ObjectRepresentation(Representation serializedRepresentation, ClassLoader classLoader, boolean variantObjectBinarySupported, boolean variantObjectXmlSupported) throws IOException, ClassNotFoundException, IllegalArgumentException Constructor reading the object from a serialized representation. This representation must have the proper media type: "application/x-java-serialized-object".- Parameters:
serializedRepresentation- The serialized representation.classLoader- The class loader used to read the object.variantObjectBinarySupported- Indicates whether the JavaBeans binary deserialization is supported or not.variantObjectXmlSupported- Indicates whether the JavaBeans XML deserialization is supported or not.- Throws:
IOExceptionClassNotFoundExceptionIllegalArgumentException
-
ObjectRepresentation
Constructor for theMediaType.APPLICATION_JAVA_OBJECTtype.- Parameters:
object- The serializable object.
-
ObjectRepresentation
Constructor for either theMediaType.APPLICATION_JAVA_OBJECTtype or theMediaType.APPLICATION_XMLtype. In the first case, the Java Object Serialization mechanism is used, based onObjectOutputStream. In the latter case, the JavaBeans XML serialization is used, based onXMLEncoder.- Parameters:
object- The serializable object.mediaType- The media type.
-
-
Method Details
-
getObject
Returns the represented object.- Returns:
- The represented object.
- Throws:
IOException
-
release
public void release()Releases the represented object.- Overrides:
releasein classRepresentation
-
setObject
Sets the represented object.- Parameters:
object- The represented object.
-
write
Description copied from class:RepresentationWrites the representation to a byte stream. This method is ensured to write the full content for each invocation unless it is a transient representation, in which case an exception is thrown.
Note that the class implementing this method shouldn't flush or close the givenOutputStreamafter writing to it as this will be handled by the Restlet connectors automatically.- Specified by:
writein classRepresentation- Parameters:
outputStream- The output stream.- Throws:
IOException
-