Java transient 关键字的使用
1. transient的作用及使用方法
Java中,当一个对象只要实现了Serilizable接口,这个对象就可以被序列化,java的这种序列化模式为开发者提供了很多便利,我们可以不必关系具体序列化的过程,只要这个类实现了Serilizable接口,这个类的所有属性和方法都会自动序列化。然而在实际开发过程中,我们常常会遇到这样的问题,这个类的有些属性需要序列化,而其他属性不需要被序列化,打个比方,如果一个用户有一些敏感信息(如密码,银行卡号等),为了安全起见,不希望在网络操作(主要涉及到序列化操作,本地序列化缓存也适用)中被传输,这些信息对应的变量就可以加上transient 关键字。换句话说,这个字段的生命周期仅存于调用者的内存中而不会写到磁盘里持久化。
总之,java 的 transient 关键字为我们提供了便利,你只需要实现 Serilizable 接口,将不需要序列化的属性前添加关键字transient,序列化对象的时候,这个属性就不会序列化到指定的目的地中。
示例:
import java.io.*;
public class Test {
public static void main(String[] args) throws SecurityException, IOException {
Student student = new Student();
student.setAge(10);
student.setName("aaa");
student.setGender("男");
student.setPassword("123456");
System.out.println("序列化前的对象:"+student.toString());
FileOutputStream fileOutputStream = null;
ObjectOutputStream objectOutputStream = null;
try {
fileOutputStream = new FileOutputStream("D:\\1.txt");
objectOutputStream = new ObjectOutputStream(fileOutputStream);
//将student对象写入磁盘中
objectOutputStream.writeObject(student);
}catch (IOException ioException){
System.out.println("序列化错误");
}finally {
//关闭资源
fileOutputStream.close();
objectOutputStream.close();
}
FileInputStream fileInputStream = null;
ObjectInputStream objectInputStream = null;
Student student1 = null;
try {
fileInputStream = new FileInputStream("D:\\1.txt");
objectInputStream = new ObjectInputStream(fileInputStream);
//将Student对象读到内存中并赋值给student1
student1 = (Student) objectInputStream.readObject();
}catch (ClassNotFoundException e) {
e.printStackTrace();
}finally {
//关闭资源
fileInputStream.close();
objectInputStream.close();
}
//打印反序列化后的student1对象
System.out.println("反序列化得到的对象:"+student1.toString());
}
}
------------------------------------------------------------------------------
import java.io.Serializable;
public class Student implements Serializable {
private static final long serialVersionUID = -387911632671998536L;
private String name;
private Integer age;
private String gender;
private transient String password;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
public String getGender() {
return gender;
}
public void setGender(String gender) {
this.gender = gender;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "Student{" +
"name='" + name + '\'' +
", age=" + age +
", gender='" + gender + '\'' +
", password='" + password + '\'' +
'}';
}
}
打印结果:
序列化前的对象:Student{name='aaa', age=10, gender='男', password='123456'}
反序列化得到的对象:Student{name='aaa', age=10, gender='男', password='null'}
可以看到密码字段password为 null,说明反序列化时根本没有从文件中获取到信息。
2. transient 使用小结
1)一旦变量被 transient修饰,变量将不再是对象持久化的一部分,该变量内容在序列化后无法获得访问。
2)transient关键字只能修饰变量,而不能修饰方法和类。注意,本地变量是不能被transient关键字修饰的。变量如果是用户自定义类变量,则该类需要实现Serializable接口。
3)被transient关键字修饰的变量不再能被序列化,一个静态变量不管是否被transient修饰,均不能被序列化。
反序列化后类中static型变量的值为当前JVM中对应static 变量的值,这个值是JVM中的不是反序列化得出的;
示例:
import java.io.*;
public class Test {
public static void main(String[] args) throws SecurityException, IOException {
Student student = new Student();
student.setAge(10);
student.setName("aaa");
student.setGender("男");
student.setPassword("123456");
System.out.println("序列化前的对象:"+student.toString());
FileOutputStream fileOutputStream = null;
ObjectOutputStream objectOutputStream = null;
try {
fileOutputStream = new FileOutputStream("D:\\1.txt");
objectOutputStream = new ObjectOutputStream(fileOutputStream);
//将student对象写入磁盘中
objectOutputStream.writeObject(student);
}catch (IOException ioException){
System.out.println("序列化错误");
}finally {
//关闭资源
fileOutputStream.close();
objectOutputStream.close();
}
//序列化student对象之后,修改static修饰的成员变量的值
student.setName("bbb");
FileInputStream fileInputStream = null;
ObjectInputStream objectInputStream = null;
Student student1 = null;
try {
fileInputStream = new FileInputStream("D:\\1.txt");
objectInputStream = new ObjectInputStream(fileInputStream);
//将Student对象读到内存中并赋值给student1
student1 = (Student) objectInputStream.readObject();
}catch (ClassNotFoundException e) {
e.printStackTrace();
}finally {
//关闭资源
fileInputStream.close();
objectInputStream.close();
}
//打印反序列化后的student1对象
System.out.println("反序列化得到的对象:"+student1.toString());
}
}
-------------------------------------------------------------------------------
import java.io.Serializable;
public class Student implements Serializable {
private static final long serialVersionUID = -387911632671998536L;
private static String name;
private Integer age;
private String gender;
private transient String password;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
public String getGender() {
return gender;
}
public void setGender(String gender) {
this.gender = gender;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "Student{" +
"name='" + name + '\'' +
", age=" + age +
", gender='" + gender + '\'' +
", password='" + password + '\'' +
'}';
}
}
打印结果:
序列化前的对象:Student{name='aaa', age=10, gender='男', password='123456'}
反序列化得到的对象:Student{name='bbb', age=10, gender='男', password='null'}
通过打印结果可以看到反序列化后类中static型变量的值为当前JVM中对应static变量的值,而不是序列化时的值;
3. transient使用细节——被transient关键字修饰的变量真的不能被序列化吗?
示例:
package com.dhcc;
import java.io.*;
public class Teacher implements Externalizable {
private transient String desc = "是的,我将会被序列化,不管我是否被transient关键字修饰";
private Integer age;
public String getDesc() {
return desc;
}
public void setDesc(String desc) {
this.desc = desc;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
@Override
public String toString() {
return "Teacher{" +
"desc='" + desc + '\'' +
", age=" + age +
'}';
}
@Override
public void writeExternal(ObjectOutput out) throws IOException {
out.writeObject(desc);
out.writeObject(age);
}
@Override
public void readExternal(ObjectInput in) throws IOException, ClassNotFoundException {
desc = (String) in.readObject();
age = (Integer) in.readObject();
}
public static void main(String[] args) throws IOException {
ObjectOutputStream objectOutputStream = null;
ObjectInputStream objectInputStream = null;
Teacher teacher = new Teacher();
teacher.setAge(10);
Teacher teacher1 = new Teacher();
try {
//序列化之前的 teacher 对像
System.out.println(teacher.toString());
objectOutputStream = new ObjectOutputStream(new FileOutputStream("D:\\2.txt"));
objectOutputStream.writeObject(teacher);
objectInputStream = new ObjectInputStream(new FileInputStream("D:\\2.txt"));
teacher1 = (Teacher) objectInputStream.readObject();
//反序列化之后的 teacher 对像
System.out.println(teacher1.toString());
} catch (IOException ioException) {
} catch (ClassNotFoundException e) {
e.printStackTrace();
} finally {
objectOutputStream.close();
objectInputStream.close();
}
}
}
打印结果
Teacher{desc='是的,我将会被序列化,不管我是否被transient关键字修饰', age=10}
Teacher{desc='是的,我将会被序列化,不管我是否被transient关键字修饰', age=10}
在Java中,对象的序列化可以通过实现两种接口来实现,若实现的是Serializable接口,则所有的序列化将会自动进行,若实现的是Externalizable接口,则没有任何东西可以自动序列化,需要在writeExternal方法中进行手工指定所要序列化的变量,这与是否被transient修饰无关。因此打印结果中 transient 修饰的 desc字段输出的是变量初始化的内容,而不是null。