java-custom-serialization

Can we deny a java object from serialization other than giving transient keyword

一世执手 submitted on 2019-11-29 07:57:54
Question: We can avoid serialising fields by using the transient keyword. Is there any other way of doing that?

Answer 1: http://java.sun.com/javase/6/docs/platform/serialization/spec/security.html

SUMMARY: Preventing Serialization of Sensitive Data

Fields containing sensitive data should not be serialized; doing so exposes their values to any party with access to the serialization stream. There are several methods for preventing a field from being serialized:

Declare the field as private transient.
Define
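The exposure described in the answer above can be checked directly by scanning the serialized bytes for the secret. This is an added example, not code from the original post: the class names and the secret value are constructed, and it goes beyond the visible text by also showing `serialPersistentFields`, a standard Java serialization mechanism that acts as an allow-list of fields to write.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

public class SensitiveFieldDemo {
    static final String SECRET = "s3cr3t-constructed"; // constructed sample value

    // Default serialization: every non-static, non-transient field is written.
    static class Leaky implements Serializable {
        private static final long serialVersionUID = 1L;
        private String user = "alice";
        private String password = SECRET;
    }

    // The method named in the answer: declare the field private transient.
    static class WithTransient implements Serializable {
        private static final long serialVersionUID = 1L;
        private String user = "alice";
        private transient String password = SECRET;
    }

    // Allow-list: only fields listed in serialPersistentFields are written.
    static class WithAllowList implements Serializable {
        private static final long serialVersionUID = 1L;
        private static final ObjectStreamField[] serialPersistentFields = {
            new ObjectStreamField("user", String.class)
        };
        private String user = "alice";
        private String password = SECRET;
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    // True if the secret's bytes appear anywhere in the serialization stream.
    static boolean leaks(byte[] stream) {
        return new String(stream, StandardCharsets.ISO_8859_1).contains(SECRET);
    }

    public static void main(String[] args) throws Exception {
        byte[] t = serialize(new WithTransient());
        System.out.println("default field:          leaks=" + leaks(serialize(new Leaky())));
        System.out.println("private transient:      leaks=" + leaks(t));
        System.out.println("serialPersistentFields: leaks=" + leaks(serialize(new WithAllowList())));
        // Round trip: the transient field is not restored from the stream.
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(t))) {
            System.out.println("after readObject: password=" + ((WithTransient) in.readObject()).password);
        }
    }
}
```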