12.18 Customizing the Serialization Process

 <  Day Day Up  >  

You want to take control over the serialization process by creating your own custom serialization scheme.


Technique

Even though the binary, XML, and SOAP serializers do a good job of serialization, you might need more control over the items that get serialized. You have to implement the ISerializable interface. This interface contains a single method that you must implement: GetObjectData , which is used during the serialization process, and an additional constructor for deserialization, which is discussed shortly.

The GetObjectData method has two parameters. The first parameter is a SerializationInfo object used to hold all the necessary serialization data. Data is stored using a key/value pair method in which the key is a string object and the value can be any .NET object type. To add a new value to the collection, call the AddValue method, passing a string and the object to add. The second parameter is a StreamingContext object used to describe both the source and destination streams:

 
 [Serializable] public class CustomSerializedObject : ISerializable {     private int data = 42;     public CustomSerializedObject()     {     }     public CustomSerializedObject( SerializationInfo info, StreamingContext context )     {         data = info.GetInt32( "data" );     }     #region ISerializable Members     public void GetObjectData(SerializationInfo info, StreamingContext context)     {         info.AddValue( "data", data );     }     #endregion } 

During the deserialization of an object that utilizes a custom serialization scheme, a special object constructor is called. Because there is no way to enforce the creation of this constructor, the only error that you will receive for a custom serialized object is an exception being thrown during the deserialization process. In other words, forgetting the custom constructor appears during runtime and not during compile time. The overloaded constructor uses the same parameters as the GetObjectData method. However, within the body of the constructors, you will want to call the various Get methods to retrieve data. Again, because the data is stored using key/value pairs, the methods themselves accept a string denoting a key and return the corresponding data type.

Comments

Once you implement the ISerializable interface in a class, the serialization process immediately becomes a hands-on process. Any of the attributes that you have applied to prevent data items from being serialized are no longer valid. Even more so, data items that are normally automatically serialized will not be. Implementing a custom serializer entails having to create all the necessary AddValue calls for the serialization process.

The last section mentioned that some data members within a class open up a potential security risk if the corresponding data were to be serialized. One solution was to simply prevent the data from being written to disk, but in some situations, this step might not be desirable. Another solution is to use a custom serializer. When the GetObjectData method is called, you have the opportunity to change the actual data before it is serialized to eliminate these unnecessary risks. A field containing credit card information, for instance, could be encrypted during serialization and subsequently unencrypted when deserialized.

 <  Day Day Up  >  


Microsoft Visual C# .Net 2003
Microsoft Visual C *. NET 2003 development skills Daquan
ISBN: 7508427505
EAN: 2147483647
Year: 2003
Pages: 440

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net