Package org.apache.catalina.util
Class CustomObjectInputStream
- java.lang.Object
- 
- java.io.InputStream
- 
- java.io.ObjectInputStream
- 
- org.apache.catalina.util.CustomObjectInputStream
 
 
 
- 
- All Implemented Interfaces:
- java.io.Closeable,- java.io.DataInput,- java.io.ObjectInput,- java.io.ObjectStreamConstants,- java.lang.AutoCloseable
 
 public final class CustomObjectInputStream extends java.io.ObjectInputStreamCustom subclass ofObjectInputStreamthat loads from the class loader for this web application. This allows classes defined only with the web application to be found correctly.- Author:
- Craig R. McClanahan, Bip Thelin
 
- 
- 
Field Summary- 
Fields inherited from interface java.io.ObjectStreamConstantsbaseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING
 
- 
 - 
Constructor SummaryConstructors Constructor Description CustomObjectInputStream(java.io.InputStream stream, java.lang.ClassLoader classLoader)Construct a new instance of CustomObjectInputStream without any filtering of deserialized classes.CustomObjectInputStream(java.io.InputStream stream, java.lang.ClassLoader classLoader, Log log, java.util.regex.Pattern allowedClassNamePattern, boolean warnOnFailure)Construct a new instance of CustomObjectInputStream with filtering of deserialized classes.
 - 
Method SummaryAll Methods Instance Methods Concrete Methods Modifier and Type Method Description java.lang.Class<?>resolveClass(java.io.ObjectStreamClass classDesc)Load the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.protected java.lang.Class<?>resolveProxyClass(java.lang.String[] interfaces)Return a proxy class that implements the interfaces named in a proxy class descriptor.- 
Methods inherited from class java.io.ObjectInputStreamavailable, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, setObjectInputFilter, skipBytes
 - 
Methods inherited from class java.io.InputStreammark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, transferTo
 
- 
 
- 
- 
- 
Constructor Detail- 
CustomObjectInputStreampublic CustomObjectInputStream(java.io.InputStream stream, java.lang.ClassLoader classLoader) throws java.io.IOExceptionConstruct a new instance of CustomObjectInputStream without any filtering of deserialized classes.- Parameters:
- stream- The input stream we will read from
- classLoader- The class loader used to instantiate objects
- Throws:
- java.io.IOException- if an input/output error occurs
 
 - 
CustomObjectInputStreampublic CustomObjectInputStream(java.io.InputStream stream, java.lang.ClassLoader classLoader, Log log, java.util.regex.Pattern allowedClassNamePattern, boolean warnOnFailure) throws java.io.IOExceptionConstruct a new instance of CustomObjectInputStream with filtering of deserialized classes.- Parameters:
- stream- The input stream we will read from
- classLoader- The class loader used to instantiate objects
- log- The logger to use to report any issues. It may only be null if the filterMode does not require logging
- allowedClassNamePattern- The regular expression to use to filter deserialized classes. The fully qualified class name must match this pattern for deserialization to be allowed if filtering is enabled.
- warnOnFailure- Should any failures be logged?
- Throws:
- java.io.IOException- if an input/output error occurs
 
 
- 
 - 
Method Detail- 
resolveClasspublic java.lang.Class<?> resolveClass(java.io.ObjectStreamClass classDesc) throws java.lang.ClassNotFoundException, java.io.IOExceptionLoad the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.- Overrides:
- resolveClassin class- java.io.ObjectInputStream
- Parameters:
- classDesc- Class description from the input stream
- Throws:
- java.lang.ClassNotFoundException- if this class cannot be found
- java.io.IOException- if an input/output error occurs
 
 - 
resolveProxyClassprotected java.lang.Class<?> resolveProxyClass(java.lang.String[] interfaces) throws java.io.IOException, java.lang.ClassNotFoundExceptionReturn a proxy class that implements the interfaces named in a proxy class descriptor. Do this using the class loader assigned to this Context.- Overrides:
- resolveProxyClassin class- java.io.ObjectInputStream
- Throws:
- java.io.IOException
- java.lang.ClassNotFoundException
 
 
- 
 
-