XML serialization is a great way for applications to maintain state, read and write configuration files, and transfer data between processes, applications, and enterprises over a network, including the Internet. Because XML documents are text-based, you can view and modify serialized data with a text editor.
Java's binary serialization API (whose major classes are ObjectOutputStream and ObjectInputStream) provides an infrastructure that supports data serialization into binary form. Binary data, however, is neither easily read by people nor appropriate for communication across disparate applications or systems.
WebObjects allows you to serialize objects and data into XML documents using the API defined for binary serialization. The classes NSXMLOutputStream and NSXMLInputStream extend ObjectOutputStream and ObjectInputStream, respectively. These classes use the Java API for XML Processing (JAXP) to communicate with the XML parser. See “XML Parsers and XSLT Processors” for more information.
As in binary serialization, an NSXMLOutputStream object writes enough data to a stream for an NSXMLInputStream object to be able to reconstruct the object graph and data that the stream represents. This includes fully qualified class names, field names, and data types. This level of verbosity is adequate for serialization and deserialization by similar systems, but may not be appropriate for data transmission between companies, for example. “Transforming an Array of Movies” shows you how to transform the output of NSXMLOutputStream into a simpler XML document suitable for communication among business partners.
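The metadata described above can be observed directly in a serialized stream. This is an added example, not code from the original documentation: it uses the standard ObjectOutputStream (the class NSXMLOutputStream extends) so that it runs without WebObjects, the Account class and its values are constructed for illustration, and the transient field shows Java's standard way of keeping a field out of the stream.

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;

public class StreamMetadataDemo {
    // Hypothetical class with constructed values, used only for this example.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        String owner = "alice";
        int balance = 100;
        transient String sessionToken = "constructed-secret"; // never written
    }

    // Serialize the object graph with the standard binary stream.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        return buf.toByteArray();
    }

    // True if the bytes of needle occur anywhere in the serialized stream.
    static boolean contains(byte[] stream, String needle) {
        byte[] n = needle.getBytes(StandardCharsets.UTF_8);
        outer:
        for (int i = 0; i + n.length <= stream.length; i++) {
            for (int j = 0; j < n.length; j++) {
                if (stream[i + j] != n[j]) continue outer;
            }
            return true;
        }
        return false;
    }

    public static void main(String[] args) throws IOException {
        byte[] stream = serialize(new Account());
        // Class name, field names, a type signature, a value, then the transient field.
        String[] probes = {Account.class.getName(), "owner", "balance",
                "Ljava/lang/String;", "alice", "sessionToken", "constructed-secret"};
        for (String p : probes) {
            System.out.println(p + " in stream: " + contains(stream, p));
        }
    }
}
```

Anything the check reports as present is visible to whoever receives or intercepts the stream, which is why the verbose form suits similar systems better than exchange with outside parties.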
Most of this chapter is based on Sun's Java Object Serialization Specification. If you are familiar with that document, you can just skim through the chapter. You should, however, read “Application Security,” as it contains information on how to set up the security manager to allow the WebObjects serialization classes to work unrestricted.
This chapter contains the following sections:
“Serialization Process” lists the steps you perform to serialize data.
“Deserialization Process” lists the steps you perform to deserialize data.
“Secure Serialization” explains how to exclude fields from the serialization process.
“Validation of Deserialized Data” briefly explains how to validate an object after it's deserialized.
“Multiple Class Version Support” lists issues to consider when you update a Serializable class to maintain compatibility with previous versions.
“Serialization With Keys” provides an overview of key-based serialization.
“Application Security” explains how to set up Sun's security manager to grant WebObjects classes permissions to allow them to perform XML serialization.
Last updated: 2005-08-11