On Feb 16, 9:25 pm, Kenton Varda <[email protected]> wrote:
> On Sun, Feb 14, 2010 at 4:36 AM, Jaroslaw Odzga <[email protected]>wrote:
>
> > I'll have to disagree :-) Serialization is not a way of mutating objects
> > and Externalizable is thought to be just an efficient Serialization.
> > readExternal() is not a public method anyway.
>
> Since Externalizable is an interface, all its methods are necessarily
> public.
>
You are right :-)
> > Obviously, if you want you can use it to mutate the object, but if you like
> > you can mutate even perfectly final and immutable objects in Java (using
> > some trickery).
>
> I'm pretty sure that's not true. Effective Java, for example, suggests
> using immutable classes as a security measure, which would be a terrible
> suggestion if they were not really immutable.
>
I'm sure that's true ;-) Here you have a perfectly final and immutable
class:
public final class Person {
private final String name;
private final int age;
private final int iq = 110;
private final Object country = "South Africa";
public Person(String name, int age) {
this.name = name;
this.age = age;
}
public String toString() {
return name + ", " + age + " of IQ=" + iq + " from " + country;
}
}
Now, try to guess what the following program prints:
import java.lang.reflect.Field;
public class FinalFieldChange {
private static void change(Person p, String name, Object value)
throws NoSuchFieldException, IllegalAccessException {
Field firstNameField = Person.class.getDeclaredField(name);
firstNameField.setAccessible(true);
firstNameField.set(p, value);
}
public static void main(String[] args) throws Exception {
final Person heinz = new Person("Heinz Kabutz", 32);
change(heinz, "name", "Ng Keng Yap");
change(heinz, "age", new Integer(27));
change(heinz, "iq", new Integer(150));
change(heinz, "country", "Malaysia");
System.out.println(heinz);
}
}
And here is what is really printed (I executed it using Java 6_14):
Ng Keng Yap, 27 of IQ=110 from Malaysia
I "borrowed" this example from Dr. Heinz M. Kabutz's blog:
http://www.javaspecialists.eu/archive/Issue096.html. I only added few
"final" keywords to make it even more dramatic :-)
This does not invalidate recommendation from Effective Java to use
immutable objects (for thread safety, security etc.).
> > I think Serialization is just alternative way of creating objects and it is
> > perfectly ok to serialize immutable objects e.g. String is immutable and
> > Serializable. I would go ahead and make Protocol Buffer classes serializable
> > ;-)
>
> As it turns out, someone inside Google is working on this now, so if it is
> reasonably possible it should be in the next release.
>
Great. In my opinion adding serialization to PB is a good move. Most
immutable classes from JDK are serializable i.e. String.
>
>
>
>
> > Regards,
> > Jarek
>
> > On Fri, Feb 12, 2010 at 9:47 PM, Kenton Varda <[email protected]> wrote:
>
> >> Message objects are immutable. Unfortunately, readExternal() -- specified
> >> by the Externalizable interface -- is a mutating method. Implementing it
> >> would destroy the immutability guarantee, possibly introducing bugs or even
> >> security problems. Is there a way around this? I admit I'm no expert on
> >> Java serialization (as you might guess, I don't use it! :) ).
>
> >> On Fri, Feb 12, 2010 at 2:32 AM, yahro <[email protected]> wrote:
>
> >>> Hi,
>
> >>> Is there something preventing Protocol Buffer Java classes from being
> >>> serializable e.g. using java.io.Externalizable? I would like to use
> >>> Protocol Buffer classes to store data in caches, data stores etc.
> >>> Currently I have to write awkward custom serializers while it seems,
> >>> that it would be enough to add add two methods, implement
> >>> java.io.Externalizable interface and classes would be efficiently
> >>> serializable. Am I missing something?
>
> >>> Best regards,
> >>> Jarek
>
> >>> --
> >>> You received this message because you are subscribed to the Google Groups
> >>> "Protocol Buffers" group.
> >>> To post to this group, send email to [email protected].
> >>> To unsubscribe from this group, send email to
> >>> [email protected]<protobuf%[email protected]
> >>> om>
> >>> .
> >>> For more options, visit this group at
> >>>http://groups.google.com/group/protobuf?hl=en.
--
You received this message because you are subscribed to the Google Groups
"Protocol Buffers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/protobuf?hl=en.
