чт, 14 мая 2020 г. в 18:48, Christopher Schultz <ch...@christopherschultz.net>:
>
> All,
>
> I'm interested in the history of the StandardSession.writeObjectData
> method. I've been looking at it lately because I'm interested in
> possibly (optionally) encrypting the sessions in the backend session
> store. But this isn't about encryption at all.
>
> The code for StandardSession.doWriteObject(ObjectOutputStream stream)
> looks like this:
>
>
> // Write the scalar instance variables (except Manager)
> stream.writeObject(Long.valueOf(creationTime));
> stream.writeObject(Long.valueOf(lastAccessedTime));
> stream.writeObject(Integer.valueOf(maxInactiveInterval));
> stream.writeObject(Boolean.valueOf(isNew));
> stream.writeObject(Boolean.valueOf(isValid));
> stream.writeObject(Long.valueOf(thisAccessedTime));
If I understand correctly, with objects you can read them with the
same 'readObject()' object method and decide what to do with the
received value. With primitives you have to decide upfront what
reading method you are going to call, and calling a wrong one will
result in a fatal failure where the rest of the data cannot be read at
all.
For example, StandardSession.doReadObject has the following code:
// The next object read could either be the number of
attributes (Integer) or the session's
// authType followed by a Principal object (not an Integer)
Object nextObject = stream.readObject();
if (!(nextObject instanceof Integer)) {
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
