《对象序列化和持久化.ppt》由会员分享,可在线阅读,更多相关《对象序列化和持久化.ppt(95页珍藏版)》请在三一文库上搜索。
1、对象序列化和持久化,Object Serialization and Persistence,2019/7/15,Institute of Computer Software Nanjing University,1,摘要,对象序列化 对象持久化 Language level Databases Hibernate,2019/7/15,Institute of Computer Software Nanjing University,2,摘要,对象序列化 对象持久化 Language level Databases Hibernate,2019/7/15,Institute of Comput
2、er Software Nanjing University,3,摘要,对象序列化 对象持久化 Language level Databases Hibernate,2019/7/15,Institute of Computer Software Nanjing University,4,Object Serialization,Why What How,2019/7/15,Institute of Computer Software Nanjing University,5,Java Object Serialization - Why,Serialization is used for l
3、ightweight persistence and for communication via sockets or Remote Method Invocation (RMI).,2019/7/15,Institute of Computer Software Nanjing University,6,Java Object Serialization - Example,public class Client public static void main(String args) try / Create a socket Socket soc = new Socket(InetAdd
4、ress.getLocalHost(), 8020); OutputStream o = soc.getOutputStream(); ObjectOutput s = new ObjectOutputStream(o); s.writeObject(“Todays date“); s.writeObject(new Date(); s.flush(); s.close(); catch (Exception e) System.out.println(e.getMessage(); System.out.println(“Error during serialization“); Syste
5、m.exit(1); ,2019/7/15,Institute of Computer Software Nanjing University,7,Java Object Serialization - Example,public class Server public static void main(String args) ServerSocket ser = null; Socket soc = null; String str = null; Date d = null; try ser = new ServerSocket(8020); soc = ser.accept(); I
6、nputStream o = soc.getInputStream(); ObjectInput s = new ObjectInputStream(o); str = (String) s.readObject(); d = (Date) s.readObject(); s.close(); System.out.println(str); System.out.println(d); catch (Exception e) System.out.println(e.getMessage(); System.out.println(“Error during serialization“);
7、 System.exit(1); ,2019/7/15,Institute of Computer Software Nanjing University,8,Java Object Serialization - Example,Writing to an object stream,2019/7/15,Institute of Computer Software Nanjing University,9,/ Serialize todays date to a file. FileOutputStream f = new FileOutputStream(“tmp“); ObjectOut
8、put s = new ObjectOutputStream(f); s.writeObject(“Today“); s.writeObject(new Date(); s.flush();,Java Object Serialization - Example,Reading from an object stream,2019/7/15,Institute of Computer Software Nanjing University,10,/ Deserialize a string and date from a file. FileInputStream in = new FileI
9、nputStream(“tmp“); ObjectInputStream s = new ObjectInputStream(in); String today = (String)s.readObject(); Date date = (Date)s.readObject();,Java Object Serialization - What,Object Serialization extends the core Java Input/Output classes with support for objects. Object Serialization supports the en
10、coding of objects, and the objects reachable from them, into a stream of bytes; and it supports the complementary reconstruction of the object graph from the stream.,2019/7/15,Institute of Computer Software Nanjing University,11,Java Object Serialization - Goal,Have a simple yet extensible mechanism
11、. Maintain the Java object type and safety properties in the serialized form. Be extensible to support marshaling and unmarshaling as needed for remote objects. Be extensible to support simple persistence of Java objects. Require per class implementation only for customization. Allow the object to d
12、efine its external format.,2019/7/15,Institute of Computer Software Nanjing University,12,Java Object Serialization - How,Objects to be saved in the stream may support either the Serializable or the Externalizable interface. For Serializable objects, the stream includes sufficient information to res
13、tore the fields in the stream to a compatible version of the class. For Externalizable objects, the class is solely responsible for the external format of its contents.,2019/7/15,Institute of Computer Software Nanjing University,13,The Serializable Interface,public interface java.io.Serializable ; A
14、 Serializable class must do the following: Implement the java.io.Serializable interface Identify the fields that should be serializable Have access to the no-arg constructor of its first nonserializable superclass,2019/7/15,Institute of Computer Software Nanjing University,14,The Serializable Interf
15、ace,The class can optionally define the following methods: writeObject (ObjectOutputStream) readObject (ObjectInputStream) writeReplace () readResolve (),2019/7/15,Institute of Computer Software Nanjing University,15,思考:如果一个可序列化的类实现了以上四个方法,那么在序列化和反序列化的过程中,这几个方法的调用次序如何?,The Externalizable Interface,p
16、ublic interface Externalizable extends Serializable public void writeExternal(ObjectOutput out) throws IOException; public void readExternal(ObjectInput in) throws IOException, java.lang.ClassNotFoundException; ,2019/7/15,Institute of Computer Software Nanjing University,16,The Externalizable Interf
17、ace,The class of an Externalizable object must do the following: Implement the java.io.Externalizable interface Implement a writeExternal method to save the state of the object Implement a readExternal method to read the data written by the writeExternal method from the stream and restore the state
18、of the object Have the writeExternal and readExternal methods be solely responsible for the format, if an externally defined format is written Have a public no-arg constructor,2019/7/15,Institute of Computer Software Nanjing University,17,The Externalizable Interface,An Externalizable class can opti
19、onally define the following methods: writeReplace readResolve,2019/7/15,Institute of Computer Software Nanjing University,18,Note: 声明类实现Externalizable接口会有重大的安全风险。writeExternal()与readExternal()方法声明为public,恶意类可以用这些方法读取和写入对象数据。如果对象包含敏感信息,则要格外小心。,区别,Serializable 自动存储必要信息,用以反序列化被存储的实例 优点 内建支持 易于实现 缺点 占用空
20、间过大 速度慢,Externalizable 只保存被存储的类的标识,完全由程序员完成读取和写入工作 优点 开销较少 可能的速度提升 缺点 虚拟机不提供帮助,程序员负担重,2019/7/15,19,Institute of Computer Software Nanjing University,serialVersionUID,private static final long serialVersionUID For compability InvalidClassException It is strongly recommended that all serializable clas
21、ses explicitly declare serialVersionUID values serialver;eclipse,2019/7/15,Institute of Computer Software Nanjing University,20,Serialization Principles,如果该类有父类 如果父类实现了可序列化接口,则OK 如果父类没有实现可序列化接口,则父类所有字段的属性默认情况下不会被序列化 如果该类的某个属性标识为static类型的,则该属性不能序列化; 如果该类的某个属性采用transient关键字标识,则该属性不能序列化;,2019/7/15,Inst
22、itute of Computer Software Nanjing University,21,Serialization Principles,在我们标注一个类可以序列化的时候,其以下属性应该设置为transient来避免序列化: 线程相关的属性; 需要访问IO、本地资源、网络资源等的属性; 没有实现可序列化接口的属性;,2019/7/15,Institute of Computer Software Nanjing University,22,Some Items from Effective Java,2019/7/15,Institute of Computer Software N
23、anjing University,23,Effective Java for Serialization,1. Implement Serializable judiciously 谨慎地实现Serializable 代价1:一旦一个类被发布,则“改变这个类的实现”的灵活性将大大降低。 序列化会使类的演化受到限制。 代价2:增加了错误和安全漏洞的可能性。 序列化机制是一种语言之外的对象创建机制。 代价3:随着一个类的新版本的发行,相关的测试负担增加了。 可序列化类的变化越大,它就越需要测试。,2019/7/15,Institute of Computer Software Nanjing U
24、niversity,24,Effective Java for Serialization,Notes: 为了继承而设计的类应该很少实现Serializable,接口也应该很少会扩展它。 对于为继承而设计的不可序列化的类,应该考虑提供一个无参数的构造函数。 内部类应该很少实现Serializable。,2019/7/15,Institute of Computer Software Nanjing University,25,Effective Java for Serialization,2. Consider using a custom serialized form 考虑使用自定义的序
25、列化形式 如果一个对象的物理表示等同于它的逻辑内容,则默认的序列化形式可能是合适的。 即使确定了默认序列化形式是合适的,通常仍然要提供一个readObject方法以保证约束关系和安全性。,2019/7/15,Institute of Computer Software Nanjing University,26,Effective Java for Serialization,2019/7/15,Institute of Computer Software Nanjing University,27,Effective Java for Serialization,2019/7/15,Inst
26、itute of Computer Software Nanjing University,28,Effective Java for Serialization,当一个对象的物理表示与它的逻辑数据内容有实质性的区别时,使用默认序列化形式有4个缺点: 它使这个类的导出API永久地束缚在该类的内部表示上。 它要消耗过多的空间。 它要消耗过多的时间。 它会引起栈溢出。,2019/7/15,Institute of Computer Software Nanjing University,29,2019/7/15,Institute of Computer Software Nanjing Univ
27、ersity,30,Effective Java for Serialization,2019/7/15,Institute of Computer Software Nanjing University,31,Effective Java for Serialization,如果所有的实例域都是transient的,那么省去调用defaultWriteObject和defaultReadObject也是允许的,但是不推荐这样做。 在决定将一个域做成非transient之前,请一定要确信它的值将是该对象逻辑状态的一部分。 不管你选择了哪种序列化形式,你都要为自己编写的每个序列化的类声明一个显式
28、的序列化版本UID。,2019/7/15,Institute of Computer Software Nanjing University,32,private static final long serialVersionID = randomLongValue,Effective Java for Serialization,3. Write readObject methods defensively 保护性地编写readObject方法 readObject方法实际上相当于另一个共有的构造函数,如同其他构造函数一样,它也要求所有同样的注意事项:检查实参的有效性,并且必要时对参数进行保
29、护性拷贝。,2019/7/15,Institute of Computer Software Nanjing University,33,Versioning,Versioning raises some fundamental questions about the identity of a class, including what constitutes a compatible change. A compatible change is a change that does not affect the contract between the class and its call
30、ers.,2019/7/15,Institute of Computer Software Nanjing University,34,Incompatible changes,Deleting fields Moving classes up or down the hierarchy Changing a nonstatic field to static or a nontransient field to transient Changing the declared type of a primitive field Changing the writeObject or readO
31、bject method so that it no longer writes or reads the default field data or changing it so that it attempts to write it or read it when the previous version did not.,2019/7/15,Institute of Computer Software Nanjing University,35,Incompatible changes,Changing a class from Serializable to Externalizab
32、le or vice versa Changing a class from a non-enum type to an enum type or vice versa Removing either Serializable or Externalizable Adding the writeReplace or readResolve method to a class is incompatible if the behavior would produce an object that is incompatible with any older version of the clas
33、s.,2019/7/15,Institute of Computer Software Nanjing University,36,Compatible changes,Adding fields Adding classes Removing classes Adding writeObject/readObject methods Removing writeObject/readObject methods Adding java.io.Serializable Changing the access to a field Changing a field from static to
34、nonstatic or transient to nontransient,2019/7/15,Institute of Computer Software Nanjing University,37,摘要,对象序列化 对象持久化 Language level Databases Hibernate,2019/7/15,Institute of Computer Software Nanjing University,38,摘要,对象序列化 对象持久化 Language level Databases Hibernate,2019/7/15,Institute of Computer Sof
35、tware Nanjing University,39,Object Persistence,During execution of application: objects are created and manipulated What happens to objects after termination? Various kinds of objects Transient objects: Disappear with current session Persistent objects: Stay around from session to session May be sha
36、red with other applications (e.g. databases),2019/7/15,Institute of Computer Software Nanjing University,40,Approaches to manipulate persistent objects,Persistence mechanisms from programming languages Relational databases Object-oriented databases,2019/7/15,Institute of Computer Software Nanjing Un
37、iversity,41,Persistence from programming languages,Mechanisms for storing objects in files and retrieving them Simple objects: e.g. integers, characters conventional methods usable Composite objects: contain references to other objects Persistence Closure principle: Any storage and retrieval mechani
38、sm must handle the object and all its dependents. otherwise: dangling references,2019/7/15,Institute of Computer Software Nanjing University,42,对象结构的存储与提取,对象持久化的难点之一: 对象之间的引用,2019/7/15,Institute of Computer Software Nanjing University,43,对象结构的存储与提取,需持久化整个对象引用闭包 Persistence closure Java的serialization
39、规则 缺省规则:非static 非transient 的数据成员 用户定义 class List implements Serializable List next; private static final ObjectStreamField serialPersistentFields = new ObjectStreamField(“next“, List.class); ,2019/7/15,Institute of Computer Software Nanjing University,44,对象结构的存储与提取,闭包可能太大 小对象引用(共享的)大对象,2019/7/15,Ins
40、titute of Computer Software Nanjing University,45,对象结构的存储与提取,Java 的 transient 修饰子 Transient fields 不被序列化 Static fields 也不被序列化 开发者负责维护,2019/7/15,Institute of Computer Software Nanjing University,46,Schema evolution,Fact: Classes change Problem: Objects are stored of which class descriptions have chan
41、ged Schema evolution: At least one class used by the retrieving system differs from its counterpart stored by the storing system. Object retrieval mismatch (Object mismatch): The retrieving system retrieves a particular object whose own generating class was different in the storing system. No fully
42、satisfactory solution,2019/7/15,Institute of Computer Software Nanjing University,47,Different approaches,Naive, extreme approaches: Forsake previously stored objects Over a migration path from old format to new a one-time, en masse conversion of old objects not applicable to a large persistent stor
43、e or to one that must be available continuously Most general solution: On-the-fly conversion Note: We cover only the retrieval part. Whether to write back the converted object is a separate issue.,2019/7/15,Institute of Computer Software Nanjing University,48,On-the-fly object conversion,Three separ
44、ate issues: Detection: Catch object mismatch Notification: Make retrieving system aware of object mismatch Correction: Bring mismatched object to a consistent state Make it a correct instance of the new class version,2019/7/15,Institute of Computer Software Nanjing University,49,Detection,Detect a m
45、ismatch between two versions of an objects generating class Two categories of detection policy: Nominal approach: Each class version has a version name Central registration mechanism necessary Structural approach: Deduce class descriptor from actual class structure Store class descriptor Simple dete
46、ction: compare class descriptors of retrieved object with new class descriptor,2019/7/15,Institute of Computer Software Nanjing University,50,Detection: Structural Approach,What does the class descriptor need to contain? Trade-off between efficiency and reliability Two extreme approaches: C1: class
47、name C2: entire class text (e.g. abstract syntax tree) Reasonable approaches: C3: class name, list of attributes (name and type) C4: in addition to C3: class invariant,2019/7/15,Institute of Computer Software Nanjing University,51,Notification,What happens when the detection mechanism has caught an
48、object mismatch? Language level mechanism Class ANY could include a procedure: correct_mismatch is - Handle object retrieval mismatch. local exception: EXCEPTIONS do create exception exception.raise ( Routine failure: Object mismatch during retrieval ) end,2019/7/15,Institute of Computer Software Na
49、njing University,52,Correction,How do we correct an object that caused a mismatch? Current situation: Retrieval mechanism has created a new object (deduced from a stored object with same generating class) A mismatch has been detected new object is in temporary (maybe inconsistent) state,2019/7/15,Institute of Computer Software Nanjing University,53,Correction,增加attribute 删除attribute,2019/7/15,Institute of Computer Software Nanjing University,54,0.0,Attribute was not in stored version. Field