-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Konstantin,
On 5/15/20 07:36, Konstantin Kolinko wrote:
> чт, 14 мая 2020 г. в 18:48, Christopher Schultz
> <ch...@christopherschultz.net>:
>>
>> All,
>>
>> I'm interested in the history of the
>> StandardSession.writeObjectData method. I've been looking at it
>> lately because I'm interested in possibly (optionally) encrypting
>> the sessions in the backend session store. But this isn't about
>> encryption at all.
>>
>> The code for StandardSession.doWriteObject(ObjectOutputStream
>> stream) looks like this:
>>
>>
>> // Write the scalar instance variables (except Manager)
>> stream.writeObject(Long.valueOf(creationTime));
>> stream.writeObject(Long.valueOf(lastAccessedTime));
>> stream.writeObject(Integer.valueOf(maxInactiveInterval));
>> stream.writeObject(Boolean.valueOf(isNew));
>> stream.writeObject(Boolean.valueOf(isValid));
>> stream.writeObject(Long.valueOf(thisAccessedTime));
>
> If I understand correctly, with objects you can read them with the
> same 'readObject()' object method and decide what to do with the
> received value. With primitives you have to decide upfront what
> reading method you are going to call, and calling a wrong one will
> result in a fatal failure where the rest of the data cannot be read
> at all.
>
> For example, StandardSession.doReadObject has the following code:
>
> // The next object read could either be the number of attributes
> (Integer) or the session's // authType followed by a Principal
> object (not an Integer) Object nextObject = stream.readObject(); if
> (!(nextObject instanceof Integer)) {
This is true: changing from objects to primitives means that no
changes can be made in the future such as re-ordering, changing the
data type, etc. without breaking backward-compatibility.
The metadata at the "beginning" of the stream is fairly stable, so I
think it's safe to make this change.
We could always write a version-number to the storage if we wanted. If
we want to get really crazy, we can go full protobuf[1].
- -chris
[1] https://developers.google.com/protocol-buffers/
-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/
iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl6+pIYACgkQHPApP6U8
pFiRhRAAyCgUGymuV5dlYqVEYPkHtiOUHlmbxrcoeTGU9KfEDnKPZ0frOtdit1X8
POiBEelQooQYwC2AuYxQy0IbdZhCjtZwTX/voi1ieTTH0SQXADVVkD94jkbd2qVQ
Izzn5aWc2KN0/+tDA0iPQtzntP7NhBJ3eCziz7cPxXbPcJCTSLAJr2OZJC7qPvGv
Tit35FLpVyoMD0XE83tnZmEtczTSgKXC2qTHVtOP4/yObl/+JkAG7cUroKINv510
0bAvkqZ1BQnM6ocrKjUcA3GHOw8wPlnwu4B5g2sVXlfbm/Yg0VK9J8r5nUb/KOeZ
iHwPop/FUammNIFJUHGwoVps8pvYHRn4GC2dFotIodrmi62P8B/7NiDW6fXfK/0E
DCJoPdK29Kwy6r9CvMBRy9lbYx/0FcYv3Gb1m9nknAdJgaql55RCVSEUPSZ7J5on
6cnmIFNxKZw0evpBbTMzfuSu+3uGwSnp1VzRN4wCM8d8Ram8pt/3GmK0tt41ADDw
VS8nbzeEmG1G/6MwCj5W1u11I1KLQl6bVcoLHLrREQQyS0X5+1Spg4v1av+kU7N9
uccb2sv6480LiaZvr+oWv5V1QlWKdSZgfekAsv5zWtaBIdw7MLwuY+0vvOYB682u
xpUs2PBLWQHHHrHQRqLtYLBsa3l5imP4w2h1z3F5pwZTQfoJXwk=
=UE1r
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
