Package org.apache.catalina.util
Class CustomObjectInputStream
java.lang.Object
java.io.InputStream
java.io.ObjectInputStream
org.apache.catalina.util.CustomObjectInputStream
- All Implemented Interfaces:
- Closeable,- DataInput,- ObjectInput,- ObjectStreamConstants,- AutoCloseable
Custom subclass of 
ObjectInputStream that loads from the
 class loader for this web application.  This allows classes defined only
 with the web application to be found correctly.- Author:
- Craig R. McClanahan, Bip Thelin
- 
Nested Class SummaryNested classes/interfaces inherited from class java.io.ObjectInputStreamObjectInputStream.GetField
- 
Field SummaryFields inherited from interface java.io.ObjectStreamConstantsbaseWireHandle, PROTOCOL_VERSION_1, PROTOCOL_VERSION_2, SC_BLOCK_DATA, SC_ENUM, SC_EXTERNALIZABLE, SC_SERIALIZABLE, SC_WRITE_METHOD, SERIAL_FILTER_PERMISSION, STREAM_MAGIC, STREAM_VERSION, SUBCLASS_IMPLEMENTATION_PERMISSION, SUBSTITUTION_PERMISSION, TC_ARRAY, TC_BASE, TC_BLOCKDATA, TC_BLOCKDATALONG, TC_CLASS, TC_CLASSDESC, TC_ENDBLOCKDATA, TC_ENUM, TC_EXCEPTION, TC_LONGSTRING, TC_MAX, TC_NULL, TC_OBJECT, TC_PROXYCLASSDESC, TC_REFERENCE, TC_RESET, TC_STRING
- 
Constructor SummaryConstructorsConstructorDescriptionCustomObjectInputStream(InputStream stream, ClassLoader classLoader) Construct a new instance of CustomObjectInputStream without any filtering of deserialized classes.CustomObjectInputStream(InputStream stream, ClassLoader classLoader, Log log, Pattern allowedClassNamePattern, boolean warnOnFailure) Construct a new instance of CustomObjectInputStream with filtering of deserialized classes.
- 
Method SummaryModifier and TypeMethodDescriptionClass<?>resolveClass(ObjectStreamClass classDesc) Load the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.protected Class<?>resolveProxyClass(String[] interfaces) Return a proxy class that implements the interfaces named in a proxy class descriptor.Methods inherited from class java.io.ObjectInputStreamavailable, close, defaultReadObject, enableResolveObject, getObjectInputFilter, read, read, readBoolean, readByte, readChar, readClassDescriptor, readDouble, readFields, readFloat, readFully, readFully, readInt, readLine, readLong, readObject, readObjectOverride, readShort, readStreamHeader, readUnshared, readUnsignedByte, readUnsignedShort, readUTF, registerValidation, resolveObject, setObjectInputFilter, skipBytesMethods inherited from class java.io.InputStreammark, markSupported, nullInputStream, read, readAllBytes, readNBytes, readNBytes, reset, skip, skipNBytes, transferToMethods inherited from class java.lang.Objectclone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface java.io.ObjectInputread, skip
- 
Constructor Details- 
CustomObjectInputStreamConstruct a new instance of CustomObjectInputStream without any filtering of deserialized classes.- Parameters:
- stream- The input stream we will read from
- classLoader- The class loader used to instantiate objects
- Throws:
- IOException- if an input/output error occurs
 
- 
CustomObjectInputStreampublic CustomObjectInputStream(InputStream stream, ClassLoader classLoader, Log log, Pattern allowedClassNamePattern, boolean warnOnFailure) throws IOException Construct a new instance of CustomObjectInputStream with filtering of deserialized classes.- Parameters:
- stream- The input stream we will read from
- classLoader- The class loader used to instantiate objects
- log- The logger to use to report any issues. It may only be null if the filterMode does not require logging
- allowedClassNamePattern- The regular expression to use to filter deserialized classes. The fully qualified class name must match this pattern for deserialization to be allowed if filtering is enabled.
- warnOnFailure- Should any failures be logged?
- Throws:
- IOException- if an input/output error occurs
 
 
- 
- 
Method Details- 
resolveClasspublic Class<?> resolveClass(ObjectStreamClass classDesc) throws ClassNotFoundException, IOException Load the local class equivalent of the specified stream class description, by using the class loader assigned to this Context.- Overrides:
- resolveClassin class- ObjectInputStream
- Parameters:
- classDesc- Class description from the input stream
- Throws:
- ClassNotFoundException- if this class cannot be found
- IOException- if an input/output error occurs
 
- 
resolveProxyClassprotected Class<?> resolveProxyClass(String[] interfaces) throws IOException, ClassNotFoundException Return a proxy class that implements the interfaces named in a proxy class descriptor. Do this using the class loader assigned to this Context.- Overrides:
- resolveProxyClassin class- ObjectInputStream
- Throws:
- IOException
- ClassNotFoundException
 
 
-