WhitelistedSerializationStrategy (OAuth2 for Spring Security 2.5.1.RELEASE API)

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

java.lang.Object
- org.springframework.security.oauth2.common.util.DefaultSerializationStrategy
- - org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy

All Implemented Interfaces:

SerializationStrategy

Deprecated.
See the OAuth 2.0 Migration Guide for Spring Security 5.
```
@Deprecated
public class WhitelistedSerializationStrategy
extends DefaultSerializationStrategy
```
A SerializationStrategy which uses a whitelist of allowed classes for deserialization.

Since:

2.4

Author:

Artem Smotrakov

Constructor Summary

Constructors
Constructor and Description
`WhitelistedSerializationStrategy()` Deprecated. Initializes `WhitelistedSerializationStrategy` with the list of classes which are allowed to deserialize by default.
`WhitelistedSerializationStrategy(List<String> allowedClasses)` Deprecated. Initializes `WhitelistedSerializationStrategy` with specified allowed classes.

Method Summary

All Methods Instance Methods Concrete Methods Deprecated Methods
Modifier and Type	Method and Description
`protected ObjectInputStream`	`createObjectInputStream(byte[] byteArray)` Deprecated. Creates an `ObjectInputStream` for deserialization.

Methods inherited from class org.springframework.security.oauth2.common.util.DefaultSerializationStrategy
deserialize, serialize

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - WhitelistedSerializationStrategy
```
public WhitelistedSerializationStrategy()
```
    Deprecated.
    
    Initializes WhitelistedSerializationStrategy with the list of classes which are allowed to deserialize by default.
  - WhitelistedSerializationStrategy
```
public WhitelistedSerializationStrategy(List<String> allowedClasses)
```
    Deprecated.
    
    Initializes WhitelistedSerializationStrategy with specified allowed classes.
    
    Parameters:
    
    allowedClasses - The allowed classes for deserialization.
- Method Detail
  - createObjectInputStream
```
protected ObjectInputStream createObjectInputStream(byte[] byteArray)
                                             throws IOException
```
    Deprecated.
    
    Description copied from class: DefaultSerializationStrategy
    
    Creates an ObjectInputStream for deserialization.
    
    Overrides:
    
    createObjectInputStream in class DefaultSerializationStrategy
    
    Parameters:
    
    byteArray - Data to be deserialized.
    
    Returns:
    
    An instance of ObjectInputStream which should be used for deserialization.
    
    Throws:
    
    IOException - If something went wrong.

Skip navigation links

Prev Class
Next Class

All Classes

Summary:
Nested |
Field |
Constr |
Method

Detail:
Field |
Constr |
Method

Copyright © 2021. All rights reserved.