XStream Marshalling XML using OX Mappers
21.9 XStream
XStream is a simple library to serialize objects to XML and back again. It does not require any mapping, and generates clean XML. For more information on XStream, refer to the XStream web site . The Spring integration classes reside in the org.springframework.oxm.xstream package. XStreamMarshaller The XStreamMarshaller does not require any configuration, and can be configured in an application context directly. To further customize the XML, you can set analias map, which consists of string aliases mapped to classes: 4.3.9.RELEASE Spring Framework 476 beans bean id = xstreamMarshaller class = org.springframework.oxm.xstream.XStreamMarshaller property name = aliases props prop key = Flight org.springframework.oxm.xstream.Flight prop props property bean ... beans Warning By default, XStream allows for arbitrary classes to be unmarshalled, which can lead to unsafe Java serialization effects. As such, it is not recommended to use the XStreamMarshaller to unmarshal XML from external sources i.e. the Web, as this can result in security vulnerabilities. If you choose to use the XStreamMarshaller to unmarshal XML from an external source, set the supportedClasses property on the XStreamMarshaller , like as follows: bean id = xstreamMarshaller class = org.springframework.oxm.xstream.XStreamMarshaller property name = supportedClasses value = org.springframework.oxm.xstream.Flight ... bean This will make sure that only the registered classes are eligible for unmarshalling. Additionally, you can register custom converters to make sure that only your supported classes can be unmarshalled. You might want to add a CatchAllConverter as the last converter in the list, in addition to converters that explicitly support the domain classes that should be supported. As a result, default XStream converters with lower priorities and possible security vulnerabilities do not get invoked. Note Note that XStream is an XML serialization library, not a data binding library. Therefore, it has limited namespace support. As such, it is rather unsuitable for usage within Web services. Part VI. The Web This part of the reference documentation covers Spring Framework’s support for the presentation tier and specifically web-based presentation tiers including support for WebSocket-style messaging in web applications. Spring Framework’s own web framework, Spring Web MVC , is covered in the first couple of chapters. Subsequent chapters are concerned with Spring Framework’s integration with other web technologies, such as JSF . Following that is coverage of Spring Framework’s MVC portlet framework . The section then concludes with comprehensive coverage of the Spring Framework Chapter 26, WebSocket Support including Section 26.4, “STOMP Over WebSocket Messaging Architecture”. • Chapter 22, Web MVC framework • Chapter 23, View technologies • Chapter 24, Integrating with other web frameworks • Chapter 25, Portlet MVC Framework • Chapter 26, WebSocket Support 4.3.9.RELEASE Spring Framework 47822. Web MVC framework
Parts
» Dependency Injection and Inversion of Control Framework Modules
» Usage scenarios Introduction to the Spring Framework
» Java EE 6 and 7 Groovy Bean Definition DSL
» Core Container Improvements General Web Improvements
» WebSocket, SockJS, and STOMP Messaging Testing Improvements
» JMS Improvements Caching Improvements
» Web Improvements New Features and Enhancements in Spring Framework 1
» WebSocket Messaging Improvements Testing Improvements
» Core Container Improvements New Features and Enhancements in Spring Framework 4.2
» Data Access Improvements JMS Improvements Web Improvements
» Core Container Improvements Data Access Improvements Caching Improvements
» JMS Improvements Web Improvements WebSocket Messaging Improvements Testing Improvements
» Introduction to the Spring IoC container and beans
» Container overview The IoC container
» Bean overview The IoC container
» Dependencies The IoC container
» y.Baz beans The IoC container
» driverClassName = username = The IoC container
» email = spouse-ref = The IoC container
» y.Bar bean y.Foo constructor-arg y.Foo c:bar-ref baz-ref = y.Foo c:_0-ref _1-ref =
» y.z.MyValueCalculator b.c.ReplacementComputeValue Bean scopes
» y.Foo property Customizing the nature of a bean
» Bean definition inheritance The IoC container
» Container Extension Points The IoC container
» Annotation-based container configuration The IoC container
» Classpath scanning and managed components
» Using JSR 330 Standard Annotations
» Java-based container configuration The IoC container
» Environment abstraction The IoC container
» Registering a LoadTimeWeaver Additional Capabilities of the ApplicationContext
» The BeanFactory The IoC container
» Introduction The Resource interface
» Built-in Resource implementations Resources
» The ResourceLoaderAware interface Resources
» Resources as dependencies Application contexts and Resource paths
» Introduction Validation, Data Binding, and Type Conversion
» Validation using Spring’s Validator interface
» Resolving codes to error messages Bean manipulation and the BeanWrapper
» Spring Type Conversion Validation, Data Binding, and Type Conversion
» Spring Field Formatting Validation, Data Binding, and Type Conversion
» Configuring a global date time format
» Spring Validation Validation, Data Binding, and Type Conversion
» Introduction Feature Overview Spring Expression Language SpEL
» Expression Evaluation using Spring’s Expression Interface
» Expression support for defining bean definitions
» Language Reference Spring Expression Language SpEL
» 3e0 4 .getValueDouble. 4e0 2 .getValueDouble.
» Classes used in the examples
» Introduction Aspect Oriented Programming with Spring
» Schema-based AOP support Aspect Oriented Programming with Spring
» y.service.DefaultFooService y.SimpleProfiler aop:config
» Choosing which AOP declaration style to use
» Mixing aspect types Proxying mechanisms
» Introduction Pointcut API in Spring
» Advisor API in Spring Using the ProxyFactoryBean to create AOP proxies
» Concise proxy definitions Spring AOP APIs
» Creating AOP proxies programmatically with the ProxyFactory Manipulating advised objects
» Using the auto-proxy facility
» Using TargetSources Spring AOP APIs
» Mock Objects Unit Testing support Classes
» Overview Goals of Integration Testing
» JDBC Testing Support Annotations
» Spring TestContext Framework Integration Testing
» loginAction-ref = username = userPreferences-ref = theme =
» PetClinic Example Integration Testing
» Understanding the Spring Framework transaction abstraction
» Synchronizing resources with transactions
» Declarative transaction management Transaction Management
» y.service.DefaultFooService Transaction Management
» y.service.DefaultFooService y.SimpleProfiler y.service.DefaultFooService
» y.SimpleProfiler Transaction Management
» Programmatic transaction management Transaction Management
» Choosing between programmatic and declarative transaction management Transaction bound event
» Application server-specific integration Transaction Management
» Introduction Consistent exception hierarchy
» Annotations used for configuring DAO or Repository classes
» Introduction to Spring Framework JDBC
» Using the JDBC core classes to control basic JDBC processing and error handling
» Controlling database connections Data access with JDBC
» JDBC batch operations Data access with JDBC
» Simplifying JDBC operations with the SimpleJdbc classes
» Modeling JDBC operations as Java objects
» Common problems with parameter and data value handling
» Embedded database support Data access with JDBC
» Initializing a DataSource Data access with JDBC
» Introduction to ORM with Spring
» General ORM integration considerations
» Hibernate Object Relational Mapping ORM Data Access
» JDO Object Relational Mapping ORM Data Access
» Introduction Marshaller and Unmarshaller
» Using Marshaller and Unmarshaller
» XML Schema-based Configuration JAXB
» Castor Marshalling XML using OX Mappers
» XMLBeans JiBX Marshalling XML using OX Mappers
» XStream Marshalling XML using OX Mappers
» Introduction to Spring Web MVC framework
» The DispatcherServlet Web MVC framework
» Handler mappings Web MVC framework
» Resolving views Web MVC framework
» Using flash attributes Web MVC framework
» Building URIs Web MVC framework
» Using locales Web MVC framework
» Using themes Web MVC framework
» Spring’s multipart file upload support
» Handling exceptions Web MVC framework
» Web Security Convention over configuration support
» y.RegistrationController HTTP caching support
» Code-based Servlet container initialization
» Configuring Spring MVC Web MVC framework
» simpleDateFormat = Web MVC framework
» Introduction Thymeleaf Groovy Markup Templates
» Velocity FreeMarker View technologies
» Document views PDFExcel Property
» Feed Views JSON Mapping View
» Introduction Integrating with other web frameworks
» Common configuration Integrating with other web frameworks
» JavaServer Faces 1.2 Apache Struts 2.x
» Introduction Portlet MVC Framework
» The DispatcherPortlet Portlet MVC Framework
» The ViewRendererServlet Controllers Portlet MVC Framework
» Handler mappings Portlet MVC Framework
» Views and resolving them Multipart file upload support
» Handling exceptions Annotation-based controller configuration
» absolute-ordering absolute-ordering WebSocket API
» SockJS Fallback Options WebSocket Support
» STOMP Over WebSocket Messaging Architecture
» Introduction Controller method CORS configuration
» Global CORS configuration Advanced Customization
» Introduction Remoting and web services using Spring
» Using Hessian or Burlap to remotely call services via HTTP
» Exposing services using HTTP invokers
» Web services Remoting and web services using Spring
» JMS Remoting and web services using Spring
» Accessing RESTful services on the Client
» Introduction Accessing EJBs Enterprise JavaBeans EJB integration
» Introduction JMS Java Message Service
» Using Spring JMS JMS Java Message Service
» Sending a Message JMS Java Message Service
» Receiving a message JMS Java Message Service
» Support for JCA Message Endpoints
» Annotation-driven listener endpoints JMS Java Message Service
» JMS namespace support JMS Java Message Service
» Introduction Exporting your beans to JMX
» Controlling the management interface of your beans
» Controlling the ObjectNames for your beans
» Accessing MBeans via Proxies
» Introduction Configuring CCI JCA CCI
» Using Spring’s CCI access support
» Modeling CCI access as operation objects
» Using the JavaMail MimeMessageHelper
» Introduction The Spring TaskExecutor abstraction
» The Spring TaskScheduler abstraction
» Annotation Support for Scheduling and Asynchronous Execution
» The task namespace Task Execution and Scheduling
» Introduction A first example
» y.DefaultBookingService property Defining beans that are backed by dynamic languages
» y.DefaultBookingService property Dynamic language support
» Scenarios Dynamic language support
» Bits and bobs y.DefaultBookingService property
» Introduction Understanding the cache abstraction
» Declarative annotation-based caching Cache Abstraction
» JCache JSR-107 annotations Cache Abstraction
» Declarative XML-based caching y.service.DefaultBookService
» Configuring the cache storage name =
» Classic ORM usage Classic Spring Usage
» JMS Usage Classic Spring Usage
» Concise proxy definitions Classic Spring AOP Usage
» Using the autoproxy facility
» Using TargetSources Classic Spring AOP Usage
» Introduction XML Schema-based configuration
» Introduction Authoring the schema
» Coding a NamespaceHandler Extensible XML authoring
» BeanDefinitionParser Extensible XML authoring
» Registering the handler and the schema
» Using a custom extension in your Spring XML configuration Meatier examples
» Introduction The argument tag The bind tag
» The escapeBody tag The eval tag The hasBindErrors tag
» The htmlEscape tag The message tag
» The nestedPath tag The param tag The theme tag
» The transform tag The url tag
» Introduction The button tag The checkbox tag
» The checkboxes tag The errors tag
» The option tag The options tag
» The password tag The radiobutton tag
Show more