1. 破解单例模式
可以通过反射和反序列化的方式来破解除枚举方式以外的单例模式。
2. 如何防止破解
2.1 对于反序列化方式
在单例模式下,添加一个readResolve()
方法,在方法体里返回这个对象。在反序列化时,会自动调用这个方法,从而避免了生成新的对象。
示例:
public class Singleton implements Serializable {
private static final long serialVersionUID = 1L;
private Singleton(){
}
private static Singleton instance = new Singleton();;
public static Singleton getInstance(){
return instance;
}
//在序列化时会自动调用该方法
/*private Object readResolve(){
return instance;
}*/
public static void main(String[] args) throws IOException, ClassNotFoundException{
Singleton instance1 = Singleton.getInstance();
//序列表
FileOutputStream fos = new FileOutputStream("E:\\aa.txt");
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(instance1);
oos.close();
//反序列化
FileInputStream fis = new FileInputStream("E:\\aa.txt");
ObjectInputStream ois = new ObjectInputStream(fis);
Singleton instance2 = (Singleton)ois.readObject();
System.out.println(instance1==instance2);
}
}
2.2 对于反射放式
对于反射,只需要在构造方法中添加判断来达到防止反射生成新对象
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
public class Singleton2 {
private Singleton2(){
if(instance!=null){
throw new RuntimeException();
}
}
private static final Singleton2 instance = new Singleton2();
public static Singleton2 getInstance(){
return instance;
}
public static void main(String[] args) throws ClassNotFoundException, NoSuchMethodException, SecurityException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
Singleton2 s1 = Singleton2.getInstance();
Singleton2 s2 = Singleton2.getInstance();
System.out.println(s1==s2);
//通过反射构造对象
Class<Singleton2> clazz = (Class<Singleton2>)Class.forName("com.zm.resingleton.Singleton2");
Constructor<Singleton2> declaredConstructor = clazz.getDeclaredConstructor(null);
declaredConstructor.setAccessible(true); //true:取消 Java 语言访问检查 false:对java语言实施访问检查
Singleton2 instance1 = declaredConstructor.newInstance();
Singleton2 instance2 = declaredConstructor.newInstance();
System.out.println(instance1==instance2);
}
}