XmlSerializer (Apache Shiro 1.7.0 API)

java.lang.Object
- org.apache.shiro.io.XmlSerializer

All Implemented Interfaces:

Serializer
```
public class XmlSerializer
extends Object
implements Serializer
```
Deprecated.
This class should not be used directly because of unsecure XMLEncoder/XMLDecoder usage.

Serializer implementation that uses the JavaBeans XMLEncoder and XMLDecoder to serialize and deserialize, respectively.
NOTE: The JavaBeans XMLEncoder/XMLDecoder only successfully encode/decode objects when they are JavaBeans compatible!

Since:

0.9

Constructor Summary

Constructors
Constructor Description

XmlSerializer()
Deprecated.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method	Description
`Object`	`deserialize(byte[] serialized)`	Deprecated. Deserializes the specified `serialized` source back into an Object by using a `ByteArrayInputStream` to wrap the argument and then decode this stream via an `XMLDecoder`, where the `readObject` call results in the original Object to return.
`byte[]`	`serialize(Object source)`	Deprecated. Serializes the specified `source` into a byte[] array by using the `XMLEncoder` to encode the object out to a `ByteArrayOutputStream`, where the resulting byte[] array is returned.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - XmlSerializer
```
public XmlSerializer()
```
    Deprecated.
- Method Detail
  - serialize
```
public byte[] serialize(Object source)
```
    Deprecated.
    
    Serializes the specified source into a byte[] array by using the XMLEncoder to encode the object out to a ByteArrayOutputStream, where the resulting byte[] array is returned.
    
    Specified by:
    
    serialize in interface Serializer
    
    Parameters:
    
    source - the Object to convert into a byte[] array.
    
    Returns:
    
    the byte[] array representation of the XML encoded output.
  - deserialize
```
public Object deserialize(byte[] serialized)
```
    Deprecated.
    
    Deserializes the specified serialized source back into an Object by using a ByteArrayInputStream to wrap the argument and then decode this stream via an XMLDecoder, where the readObject call results in the original Object to return.
    
    Specified by:
    
    deserialize in interface Serializer
    
    Parameters:
    
    serialized - the byte[] array representation of the XML encoded output.
    
    Returns:
    
    the original source Object in reconstituted form.