Package org.apache.ofbiz.base.util

Class SafeObjectInputStream

  • All Implemented Interfaces:
    java.io.Closeable, java.io.DataInput, java.io.ObjectInput, java.io.ObjectStreamConstants, java.lang.AutoCloseable
    public final class SafeObjectInputStream
extends java.io.ObjectInputStream
    SafeObjectInputStream

    An implementation of ObjectInputStream that ensure that only authorized class can be read from it.

    • Nested Class Summary

      • Nested classes/interfaces inherited from class java.io.ObjectInputStream

        java.io.ObjectInputStream.GetField

    • Field Summary

      • Fields inherited from interface java.io.ObjectStreamConstants

        baseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING

    • Constructor Summary

      Constructors 
      Constructor Description
      SafeObjectInputStream​(java.io.InputStream in)
      Instantiates a safe object input stream.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass classDesc)  

      • Methods inherited from class java.io.ObjectInputStream

        available, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, resolveProxyClass, setObjectInputFilter, skipBytes

      • Methods inherited from class java.io.InputStream

        mark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, transferTo

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface java.io.ObjectInput

        read, skip

    • Constructor Detail

      • SafeObjectInputStream

        public SafeObjectInputStream​(java.io.InputStream in)
                      throws java.io.IOException
        Instantiates a safe object input stream.
        Parameters:
        in - the input stream to read
        Throws:
        java.io.IOException - when reading is not possible.

    • Method Detail

      • resolveClass

        protected java.lang.Class<?> resolveClass​(java.io.ObjectStreamClass classDesc)
                                   throws java.io.IOException,
                                          java.lang.ClassNotFoundException
        Overrides:
        resolveClass in class java.io.ObjectInputStream
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException