Copyright © 2001 Qusay H. Mahmoud
Security in Object Serialization…
• There are two ways to serialize an object without exposing any sensitive data to the world:
  – Mark any sensitive data fields as transient
    e.g.: private transient String passwd;
  – Implement the Externalizable interface
• Note: fields that are marked static are not saved either.
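
An added example, not part of the original slides, that serializes one object per approach and checks that the secret is absent from the resulting bytes. The class names Account and Session, the realm field, and the sample password are constructed for illustration.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;

public class SerializationDemo {
    // Approach 1: default serialization, with the secret marked transient.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        static String realm = "default";      // static: class state, not part of the stream
        private final String user;
        private transient String passwd;      // skipped by default serialization
        Account(String user, String passwd) { this.user = user; this.passwd = passwd; }
    }

    // Approach 2: Externalizable, where only what writeExternal emits is stored.
    public static class Session implements Externalizable {
        private String user;
        private String passwd;                // deliberately never written
        public Session() {}                   // public no-arg constructor is required
        Session(String user, String passwd) { this.user = user; this.passwd = passwd; }
        @Override public void writeExternal(ObjectOutput out) throws IOException {
            out.writeUTF(user);
        }
        @Override public void readExternal(ObjectInput in) throws IOException {
            user = in.readUTF();
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        return buf.toByteArray();
    }

    static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // True if the constructed secret appears anywhere in the serialized bytes.
    static boolean leaks(byte[] data) {
        return new String(data, StandardCharsets.ISO_8859_1).contains("s3cret");
    }

    public static void main(String[] args) throws Exception {
        byte[] a = serialize(new Account("alice", "s3cret-constructed"));
        byte[] s = serialize(new Session("alice", "s3cret-constructed"));
        System.out.println("Account stream leaks passwd: " + leaks(a));
        System.out.println("Session stream leaks passwd: " + leaks(s));
        Account.realm = "changed-after-serialize";
        Account back = (Account) deserialize(a);
        System.out.println("restored passwd: " + back.passwd);  // transient field was never written
        System.out.println("realm: " + Account.realm);          // static value comes from the class, not the stream
    }
}
```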