CustomObjectInputStream (Apache Tomcat 7.0.109 API Documentation)

java.lang.Object
- java.io.InputStream
- - java.io.ObjectInputStream
  - - org.apache.catalina.util.CustomObjectInputStream

All Implemented Interfaces:

Closeable, DataInput, ObjectInput, ObjectStreamConstants, AutoCloseable
```
public final class CustomObjectInputStream
extends ObjectInputStream
```
Custom subclass of ObjectInputStream that loads from the class loader for this web application. This allows classes defined only with the web application to be found correctly.

Author:

Craig R. McClanahan, Bip Thelin

Nested Class Summary
- Nested classes/interfaces inherited from class java.io.ObjectInputStream
  ObjectInputStream.GetField

Field Summary
- Fields inherited from interface java.io.ObjectStreamConstants
  baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING

Constructor Summary

Constructors
Constructor and Description
`CustomObjectInputStream(InputStream stream, ClassLoader classLoader)` Construct a new instance of CustomObjectInputStream without any filtering of deserialized classes.
`CustomObjectInputStream(InputStream stream, ClassLoader classLoader, Log log, Pattern allowedClassNamePattern, boolean warnOnFailure)` Construct a new instance of CustomObjectInputStream with filtering of deserialized classes.

Method Summary

Methods
Modifier and Type	Method and Description
`Class<?>`	`resolveClass(ObjectStreamClass classDesc)` Load the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.
`protected Class<?>`	`resolveProxyClass(String[] interfaces)` Return a proxy class that implements the interfaces named in a proxy class descriptor.

Methods inherited from class java.io.ObjectInputStream
available, close, defaultReadObject, enableResolveObject, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, skipBytes

Methods inherited from class java.io.InputStream
mark, markSupported, read, reset, skip

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface java.io.ObjectInput
read, skip

- Constructor Detail
  - CustomObjectInputStream
```
public CustomObjectInputStream(InputStream stream,
                       ClassLoader classLoader)
                        throws IOException
```
    Construct a new instance of CustomObjectInputStream without any filtering of deserialized classes.
    
    Parameters:
    stream - The input stream we will read from
    classLoader - The class loader used to instantiate objects
    
    Throws:
    
    IOException - if an input/output error occurs
  - CustomObjectInputStream
```
public CustomObjectInputStream(InputStream stream,
                       ClassLoader classLoader,
                       Log log,
                       Pattern allowedClassNamePattern,
                       boolean warnOnFailure)
                        throws IOException
```
    Construct a new instance of CustomObjectInputStream with filtering of deserialized classes.
    
    Parameters:
    stream - The input stream we will read from
    classLoader - The class loader used to instantiate objects
    log - The logger to use to report any issues. It may only be null if the filterMode does not require logging
    allowedClassNamePattern - The regular expression to use to filter deserialized classes. The fully qualified class name must match this pattern for deserialization to be allowed if filtering is enabled.
    warnOnFailure - Should any failures be logged?
    
    Throws:
    
    IOException - if an input/output error occurs
- Method Detail
  - resolveClass
```
public Class<?> resolveClass(ObjectStreamClass classDesc)
                      throws ClassNotFoundException,
                             IOException
```
    Load the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.
    
    Overrides:
    
    resolveClass in class ObjectInputStream
    
    Parameters:
    classDesc - Class description from the input stream
    
    Throws:
    
    ClassNotFoundException - if this class cannot be found
    
    IOException - if an input/output error occurs
  - resolveProxyClass
```
protected Class<?> resolveProxyClass(String[] interfaces)
                              throws IOException,
                                     ClassNotFoundException
```
    Return a proxy class that implements the interfaces named in a proxy class descriptor. Do this using the class loader assigned to this Context.
    
    Overrides:
    
    resolveProxyClass in class ObjectInputStream
    
    Throws:
    
    IOException
    
    ClassNotFoundException

Class CustomObjectInputStream

Nested Class Summary

Nested classes/interfaces inherited from class java.io.ObjectInputStream

Field Summary

Fields inherited from interface java.io.ObjectStreamConstants

Constructor Summary

Method Summary

Methods inherited from class java.io.ObjectInputStream

Methods inherited from class java.io.InputStream

Methods inherited from class java.lang.Object

Methods inherited from interface java.io.ObjectInput

Constructor Detail

CustomObjectInputStream

CustomObjectInputStream

Method Detail

resolveClass

resolveProxyClass