Package org.apache.shiro.io
Class XmlSerializer
- java.lang.Object
-
- org.apache.shiro.io.XmlSerializer
-
- All Implemented Interfaces:
Serializer
public class XmlSerializer extends Object implements Serializer
Deprecated.This class should not be used directly because of unsecure XMLEncoder/XMLDecoder usage.Serializer implementation that uses the JavaBeansXMLEncoder
andXMLDecoder
to serialize and deserialize, respectively. NOTE: The JavaBeans XMLEncoder/XMLDecoder only successfully encode/decode objects when they are JavaBeans compatible!- Since:
- 0.9
-
-
Constructor Summary
Constructors Constructor Description XmlSerializer()
Deprecated.
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description Object
deserialize(byte[] serialized)
Deprecated.Deserializes the specifiedserialized
source back into an Object by using aByteArrayInputStream
to wrap the argument and then decode this stream via anXMLDecoder
, where thereadObject
call results in the original Object to return.byte[]
serialize(Object source)
Deprecated.Serializes the specifiedsource
into a byte[] array by using theXMLEncoder
to encode the object out to aByteArrayOutputStream
, where the resulting byte[] array is returned.
-
-
-
Constructor Detail
-
XmlSerializer
public XmlSerializer()
Deprecated.
-
-
Method Detail
-
serialize
public byte[] serialize(Object source)
Deprecated.Serializes the specifiedsource
into a byte[] array by using theXMLEncoder
to encode the object out to aByteArrayOutputStream
, where the resulting byte[] array is returned.- Specified by:
serialize
in interfaceSerializer
- Parameters:
source
- the Object to convert into a byte[] array.- Returns:
- the byte[] array representation of the XML encoded output.
-
deserialize
public Object deserialize(byte[] serialized)
Deprecated.Deserializes the specifiedserialized
source back into an Object by using aByteArrayInputStream
to wrap the argument and then decode this stream via anXMLDecoder
, where thereadObject
call results in the original Object to return.- Specified by:
deserialize
in interfaceSerializer
- Parameters:
serialized
- the byte[] array representation of the XML encoded output.- Returns:
- the original source Object in reconstituted form.
-
-