Imagine you are working on a system that heavily utilizes serialization. How would you manage a scenario where sensitive data, such as passwords, should not be serialized?
- Encrypt the sensitive data before serialization and decrypt it after deserialization
- Implement a custom writeObject method to exclude the sensitive data during serialization
- Use a separate, non-serializable class to store sensitive data
- Use the transient keyword to mark the sensitive data
The transient keyword is used to indicate that a field should not be serialized. In this scenario, marking sensitive data fields as transient ensures that they are excluded from serialization. Implementing a custom writeObject method allows fine-grained control over the serialization process. Encrypting the data is a valid approach but doesn't directly address the issue of excluding it from serialization. Using a separate class for sensitive data avoids serialization issues but is not directly related to the question.
Loading...
Related Quiz
- In a scenario where you are designing a system that will store and manipulate confidential data (like passwords) which will be stored in the form of strings, how would you ensure that this sensitive data is not prone to security issues related to string handling?
- Synchronized methods prevent thread interference and memory consistency errors by allowing ________ thread(s) to execute the method's entire body.
- Lambda expressions are used primarily to define the implementation of ________ interfaces.
- Which access modifier allows a member to be accessed from within its own class only?
- How does the use of synchronized methods or blocks affect the performance of a Java application and why?