想要加密我的 Java 对象的一部分并在在线发送之前对其进行序列化。
更清楚地说,我有一个工作流程,其中每个阶段都会吐出分支数据。我希望它的一部分(少数类变量)被加密,一部分是公开的。我有一个基本的序列化程序,我可以覆盖它以在序列化之前包含此加密部分。关于如何做有什么建议吗?
我正在考虑在这些变量上添加一些注释,例如@encypt,并在序列化之前对它们进行加密。但是,我不确定如何实现这个注释的东西。有什么指点吗?
class Foo{
private String username;
@encrypt
private String password;
}
class customSerializer{
writeExternal(Foo object){
encrypt(object);
serialize(encryptedObject);
}
}
encrypt(Foo object){
// Identify variables with @encrypt and encypt them.
}
我不确定应该如何在加密函数中实现“识别变量”部分。
Wanted to encrypt part of my Java object and serialize it before sending it on wire.
More clearly, I have a workflow where each stage of it spits branch data. I want part of it(few class variables) to be encrypted and part of it to be public. I have a basic serializer that I can override to include this encryption part before serializing. Any suggestions on how to do it?
I'm thinking of having some annotation like @encypt on these varibles and before serializing it, encrypt them. But, I am not sure how to do implement this annotation stuff. Any pointers?
class Foo{
private String username;
@encrypt
private String password;
}
class customSerializer{
writeExternal(Foo object){
encrypt(object);
serialize(encryptedObject);
}
}
encrypt(Foo object){
// Identify variables with @encrypt and encypt them.
}
I am not sure how I should implement this 'Identify variables' part in my encrypt function.
发布评论
评论(1)
这是真正的 Java 序列化吗?如果是这样,那么当您需要对 Java 对象的序列化进行细粒度控制时,请实现 可外部化接口。
Is this actual Java Serialization? If so, then when you need fine-grained control over serialization of a Java object, implement the Externalizable interface.