/** * Obtain an ObjectInputStream that allows de-serialization of a graph of objects. * * @throws IOException when the de-serialziation fails * @return an ObjectInputStream that can be used to deserialize objects */ public ObjectInputStream createObjectInputStream( final InputStream is, final boolean resolveObject, final ClassLoader loader) throws Exception { ObjectInputStream ois = null; if (loader != null) { // Need privileged block here because EJBObjectInputStream // does enableResolveObject if (System.getSecurityManager() == null) { ois = new EJBObjectInputStream(is, loader, resolveObject); } else { try { ois = (ObjectInputStream) AccessController.doPrivileged( new PrivilegedExceptionAction() { public java.lang.Object run() throws Exception { return new EJBObjectInputStream(is, loader, resolveObject); } }); } catch (PrivilegedActionException ex) { throw (IOException) ex.getException(); } } } else { ois = new ObjectInputStream(is); } return ois; }
/** * Obtain an ObjectOutputStream that allows serialization of a graph of objects. The objects can * be plain Serializable objects or can be converted into Serializable objects using the handler * * @throws IOException when the serialziation fails * @return an ObjectOutputStream that can be used to serialize objects */ public ObjectOutputStream createObjectOutputStream( final OutputStream os, final boolean replaceObject, final NonSerializableObjectHandler handler) throws IOException { // Need privileged block here because EJBObjectOutputStream // does enableReplaceObject ObjectOutputStream oos = null; if (System.getSecurityManager() == null) { oos = new EJBObjectOutputStream(os, replaceObject, handler); } else { try { oos = (ObjectOutputStream) AccessController.doPrivileged( new PrivilegedExceptionAction() { public java.lang.Object run() throws Exception { return new EJBObjectOutputStream(os, replaceObject, handler); } }); } catch (PrivilegedActionException ex) { throw (IOException) ex.getException(); } } return oos; }
/** Utility routine for setting the context class loader. Returns previous class loader. */ public static ClassLoader setContextClassLoader(ClassLoader newClassLoader) { // Can only reference final local variables from dopriveleged block final ClassLoader classLoaderToSet = newClassLoader; final Thread currentThread = Thread.currentThread(); ClassLoader originalClassLoader = currentThread.getContextClassLoader(); if (classLoaderToSet != originalClassLoader) { if (System.getSecurityManager() == null) { currentThread.setContextClassLoader(classLoaderToSet); } else { java.security.AccessController.doPrivileged( new java.security.PrivilegedAction() { public java.lang.Object run() { currentThread.setContextClassLoader(classLoaderToSet); return null; } }); } } return originalClassLoader; }