DefaultSerializationStrategy (OAuth2 for Spring Security 2.5.1.RELEASE API)

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.security.oauth2.common.util.DefaultSerializationStrategy

All Implemented Interfaces:

SerializationStrategy

Direct Known Subclasses:

WhitelistedSerializationStrategy

Deprecated.
See the OAuth 2.0 Migration Guide for Spring Security 5.
```
@Deprecated
public class DefaultSerializationStrategy
extends Object
implements SerializationStrategy
```
The default SerializationStrategy which uses the built-in Java serialization mechanism.
Note that this class should not be used if data for deserialization comes from an untrusted source. Instead, please use WhitelistedSerializationStrategy with a list of allowed classes for deserialization.

Since:

2.4

Author:

Artem Smotrakov

Constructor Summary

Constructors
Constructor and Description

DefaultSerializationStrategy()
Deprecated.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`protected ObjectInputStream`	`createObjectInputStream(byte[] byteArray)` Deprecated. Creates an `ObjectInputStream` for deserialization.
`<T> T`	`deserialize(byte[] byteArray)` Deprecated. Deserializes an object from a byte array.
`byte[]`	`serialize(Object state)` Deprecated. Serializes an object.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - DefaultSerializationStrategy
```
public DefaultSerializationStrategy()
```
    Deprecated.
- Method Detail
  - serialize
```
public byte[] serialize(Object state)
```
    Deprecated.
    
    Description copied from interface: SerializationStrategy
    
    Serializes an object.
    
    Specified by:
    
    serialize in interface SerializationStrategy
    
    Parameters:
    
    state - The object to be serialized.
    
    Returns:
    
    A byte array.
  - deserialize
```
public <T> T deserialize(byte[] byteArray)
```
    Deprecated.
    
    Description copied from interface: SerializationStrategy
    
    Deserializes an object from a byte array.
    
    Specified by:
    
    deserialize in interface SerializationStrategy
    
    Type Parameters:
    
    T - The type of the object.
    
    Parameters:
    
    byteArray - The byte array.
    
    Returns:
    
    The deserialized object.
  - createObjectInputStream
```
protected ObjectInputStream createObjectInputStream(byte[] byteArray)
                                             throws IOException
```
    Deprecated.
    
    Creates an ObjectInputStream for deserialization.
    
    Parameters:
    
    byteArray - Data to be deserialized.
    
    Returns:
    
    An instance of ObjectInputStream which should be used for deserialization.
    
    Throws:
    
    IOException - If something went wrong.

Skip navigation links

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2021. All rights reserved.