XStream的介绍

  XStream是一种OXMapping 技术，是用来处理XML文件序列化的框架,在将JavaBean序列化，或将XML文件反序列化的时候，不需要其它辅助类和映射文件，使得XML序列化不再繁索。XStream也可以将JavaBean序列化成Json或反序列化，使用非常方便。

使用问题及解决方法

## 使用时抛出警告
     XStream1.4.10 出现警告：Security framework of XStream not initialized, XStream is probably vulnerable
     XStream的安全框架没有初始化，xstream 容易受攻击
## 解决方法:          
    XStream对象设置默认安全防护，同时设置允许的类
    ---------------------------我是分割线,代码如下--------------------------  
    '''
    XStream xStream = new XStream();
    xStream.setupDefaultSecurity(xStream);
    xStream.allowTypes(new Class[]{Person.class});  
    '''

XStream的基本使用

pom依赖

'''
<!-- https://mvnrepository.com/artifact/com.thoughtworks.xstream/xstream -->
<dependency>
  <groupId>com.thoughtworks.xstream</groupId>
  <artifactId>xstream</artifactId>
  <version>1.4.10</version>
</dependency>
'''

Xstream序列化XML

    '''
    XStream xStream = new XStream(new StaxDriver());
    xStream.setupDefaultSecurity(xStream);
    xStream.allowTypes(new Class[]{Person.class});
    Person bean = new Person("杨大壮",18);
    xStream.alias("人",Person.class);
    //XML序列化
    String xml = xStream.toXML(bean);
    System.out.println(xml);
    //XML反序列化
    bean=(Person)xStream.fromXML(xml);
    System.out.println(bean);
    '''

程序运行结果：
<?xml version="1.0" ?><人><name>杨大壮</name><age>18</age></人>
Person [name=杨大壮, age=18]

Xstream序列化Json

注意：Xstream序列化Json时，需要引入jettison-[version].jar

'''
<!-- https://mvnrepository.com/artifact/org.codehaus.jettison/jettison -->
<dependency>
  <groupId>org.codehaus.jettison</groupId>
  <artifactId>jettison</artifactId>
  <version>1.4.0</version>
</dependency>
'''
 
    '''
    XStream xstream = new XStream(new JettisonMappedXmlDriver());//设置Json解析器
    xstream.setMode(XStream.NO_REFERENCES);//设置reference模型,不引用
    Person bean=new Person("杨大壮",20);
xstream.alias("人",Person.class);//为类名节点重命名
    //Json序列化
    String xml = xstream.toXML(bean);
System.out.println(xml);
//Json反序列化
bean=(Person)xstream.fromXML(xml);
System.out.println(bean);
    '''

运行结果：
{"人":{"name":"杨大壮","age":20}}
Person [name=杨大壮, age=20]

Xstream注解的使用

设置Xstream应用注解

XStream xstream =  new  XStream();
xstream.processAnnotations(Person.class);
xstream.autodetectAnnotations(true);

重命名注解：@XStreamAlias()

@XStreamAlias("人")
class  Person {
@XStreamAlias("姓名")
private  String name;
@XStreamAlias("年龄")
private  int age;
@XStreamAlias("朋友")
private  List friends;
public  Person(String name,  int age,  String... friends) {
this.name = name;
this.age = age;
this.friends =  Arrays.asList(friends);
}
@Override
public  String toString() {
return  "Person [name="  + name +  ", age="  + age +  ", friends="  + friends +  "]";
}
}
···
程序运行结果：
<人>
<姓名>杨大壮</姓名>
<年龄>20</年龄>
<朋友  class="java.util.Arrays$ArrayList">
<a class="string-array">
<string>李四</string>
<string>王五</string>
<string>赵六</string>
</a>
</朋友>
</人>
Person  [name=杨大壮, age=20, friends=[李四,  王五,  赵六]]

##把字段节点设置成属性：@XStreamAsAttribute
class  Person {
@XStreamAsAttribute
private  String name;
@XStreamAsAttribute
private  int age;
private  List<String> friends;
public  Person(String name,  int age,  String... friends) {
this.name = name;
this.age = age;
this.friends =  Arrays.asList(friends);
}
@Override
public  String toString() {
return  "Person [name="  + name +  ", age="  + age +  ", friends="  + friends +  "]";
}
}
程序运行结果：
<test.Person name="张三" age="19">
<friends class="java.util.Arrays$ArrayList">
<a class="string-array">
<string>李四</string>
<string>王五</string>
<string>赵六</string>
</a>
</friends>
</test.Person>
Person  [name=杨大壮, age=20, friends=[李四,  王五,  赵六]]

## Xstream对象流的使用
**Xstream对象输出流**
class  Person {
private  String name;
private  int age;
public  Person(String name,  int age) {
this.name = name;
this.age = age;
}
}
public  class  Test {
public  static  void main(String[] args)  throws  IOException {
XStream xstream =  new  XStream();
ObjectOutputStream out = xstream.createObjectOutputStream(System.out);
out.writeObject(new  Person("张三",12));
out.writeObject(new  Person("李四",19));
out.writeObject("Hello");
out.writeInt(12345);
out.close();
}
}

程序运行结果：
<object-stream>
<test.Person>
<name>张三</name>
<age>12</age>
</test.Person>
<test.Person>
<name>李四</name>
<age>19</age>
</test.Person>
<string>Hello</string>
<int>12345</int>
</object-stream>

**Xstream对象输出流**
class  Person {
private  String name;
private  int age;
public  Person(String name,  int age)
{
this.name = name;
this.age = age;
}
@Override
public  String toString() {
return  "Person [name="  + name +  ", age="  + age +  "]";
}
}
public  class  Test {
public  static  void main(String[] args)  throws  IOException,  ClassNotFoundException {
String s="<object-stream><test.Person><name>张三</name><age>12</age></test.Person><int>12345</int></object-stream>";
StringReader reader =  new  StringReader(s);
XStream xstream =  new  XStream();
ObjectInputStream in = xstream.createObjectInputStream(reader);
System.out.println((Person) in.readObject());
System.out.println(in.readInt());
}
}

程序运行结果：
Person  [name=张三, age=12]
12345

## Xstream持久化API
class  Person {
private  String name;
private  int age;
public  Person(String name,  int age) {
this.name = name;
this.age = age;
}
@Override
public  String toString() {
return  "Person [name="  + name +  ", age="  + age +  "]";
}
}
public  class  Test {
public  static  void main(String[] args)  throws  IOException,  ClassNotFoundException {
PersistenceStrategy strategy =  new  FilePersistenceStrategy(new  File("D:\\tmp"));
List list =  new  XmlArrayList(strategy);
list.add(new  Person("张三",13));//保存数据
list.add(new  Person("李四",21));
list.add(new  Person("王五",17));
}
}

程序运行结果：如果我们检查D:\tmp目录,有三个文件:int@0.xml、int@1.xml、int@2.xml；每个对象都被序列化到XML文件里。

XStream介绍及简单使用

XStream介绍及简单使用

XStream的介绍

使用问题及解决方法

XStream的基本使用

pom依赖

Xstream序列化XML

Xstream序列化Json

注意：Xstream序列化Json时，需要引入jettison-[version].jar

Xstream注解的使用

设置Xstream应用注解

重命名注解：@XStreamAlias()