I use the code below to write object into file. However, in the final file, i also have the class name and the signature of the class. Due to the security problem, i want to get rid of them. How can I implement it in Java ?
you can provide your own writeObject/readObject implementations for your object types rather than relying on the defaults.
I'm not sure what 'security issues' you're trying to resolve, but those methods are how you implement customized Object serialization.
Thai C. Tran
Joined: Jul 05, 2009
I am developing a cryptography app by using java. In the end of the process, password from user is encrypted and added with some other parameters and meta data into an object, which will be saved into file for the later usage. Therefore, leaving some footprints in the final file is not good. The file will be also read by another program (in C++), so the structure of the file is fixed as well. The content of the object is correct right now, except when being converted into byte array, Java automatically add more information into the final data