Home   FAQs   New Arrivals   Specials   Pricing & Shipping   Location   Corporate Services   Why Choose Bookware?  
Call our store: 9955 5567 (from within Sydney) or 1800 734 567 (from outside Sydney)
 View Cart   Check Out   
Browse by Subject
 TAFE Accounting
 TAFE I.T./Computing
 TAFE - Other
 Windows 8
 Adobe CS6
 CCNA 2012
 CCNP 2012
 Web Design
 Project Management
 Mobile Devices
 Windows Server 2012
 SQL Server 2012
Economics and Business
 Business Information Systems
 Human Resources

Visual Basic .NET Serialization Handbook

by: Adil Rehan Andy Olsen Matjaz B Juric Eric Lippert

Notify me when in stock

On-line Price: TBAPaperbackpackage, 344

Retail Price: TBA

Publisher: WROX PRESS,Nov-2002

Category: VB.NET Level: B/I/A

ISBN: 1861008007
ISBN13: 9781861008008

Add to Shopping Cart

Book overview

Serialization is a fundamental process that creates a persistent and portable representation of an object. This representation can be stored to disk, or moved across a network so that the object can be recreated on another machine.

Before .NET, developers often created serialization code that serialized objects into a proprietary format. This format was often application-specific, so sharing serialization files between applications was tricky.

  .NET improves upon this situation by providing a standard way of serializing and deserializing objects. Basic .NET serialization to XML, SOAP, and binary formats is also easy-to-use, because we do not have to provide any explicit serialization code. However, .NET serialization is also extensible, so we can provide own serialization format and code should we need or want to. Finally, .NET serialization persists not only the object state but also its metadata, which means that .NET applications on different platforms (such as Windows and Linux) could exchange and share serialized data in files.

  Indeed, serialization plays a key role in the .NET Framework, being intimately linked to many important aspects of it, especially Remoting and Web Services.

  So, it is clear that the advent of .NET presents developers with a new and exciting approach to serialization. To use it effectively and efficiently, developers need to understand the .NET serialization process, to be guided through its customizable features, and to be taught best practices. This book does just that.

              Summary Of Contents

Introduction 1

Chapter 1: Introducing .NET Serialization 5

Reviews what serialization is, where it is useful, and provides a conceptual overview of .NET's default deep and shallow serialization mechanisms

Chapter 2: Basic .NET Serialization 27

Shows you how to use .NET's default serialization mechanisms to serialize to (and deserialize from) XML, SOAP or binary formats, and contrasts their usage scenarios

Chapter 3: Designing Classes for Shallow Serialization 73

Using attributes to allow a serializable class to define its own shallow serialization format

Chapter 4: Designing Classes for Deep Serialization 113

How to allow a class to control its own deep serialization, and why you would want to do this

Chapter 5: Advanced Shallow Serialization Techniques 159

Discusses techniques that allow you to customize the shallow serialization format of a class without having to modify the class itself

Chapter 6: Advanced Deep Serialization Techniques 211

Demonstrates how you can customize the deep serialization of a class from outside of the class, and tells you why this is important

Chapter 7: Using .NET Serialization Securely 259

Reviews the security issues that impact upon serialization, including how to handle the serialization of sensitive state

Appendix A: Support, Errata, and Code Download 301

Index 305

Table of Contents

Introduction 1

      Who is this Book For? 2

      Book Outline 2

Chapter 1: Introducing .NET Serialization 5

      What is Serialization? 5

              Why is Serialization Important? 7

              A Grassroots Approach to Serialization 7

      Overview of .NET Serialization 10

              Types of Serialization in .NET 10

                      Shallow Serialization 11

                      Deep Serialization 13

              What's so Great about .NET Serialization? 16

                      Serialization in C++ 16

                      Serialization in Java 16

                      Serialization in COM/DCOM 17

      When is Serialization Used? 18

              State Persistence 18

                      Serializing Object State to File 19

                      Serializing Object State to a Database 19

                      Serializing Object State to Memory 20

              Exchanging Data Between Applications 21

                      Exchanging Data Between Applications on the Same Machine 21

                      Exchanging Data Between Machines Running the Same Platform 21

                      Exchanging Data Between Machines Running Different Platforms 22

      Coming Up Next... 24

      Summary 25

Chapter 2: Basic .NET Serialization 27

      Using Shallow Serialization 28

              The System.Xml.Serialization Namespace 28

              Using XmlSerializer 29

                      Creating the Serializable Book Class 29

                      Serializing a Book Object as XML 30

                      Deserializing the Book Object from the XML File 31

                      Running the Example 32

                      Serializing Private and Protected Fields 33

                      Running the Example 35

                      Serializing Public Properties 35

                      Running the Example 37

                      Serializing Arrays, Collections, and Enumerations 37

                      Running the Example 41

              XML Serialization of Objects within Objects 42

                      Running the Example 45

                      Circular References and XML Serialization 47

                      Running the Example 48

              When to Use XML Serialization 49

              Using SOAP Encoding with XMLSerializer 49

                      Running the Example 52

      Using Deep Serialization 52

              The System.Runtime.Serialization Namespace 53

              Using Formatters 54

                      Using the Binary Formatter 55

                      Running the Example 57

                      Using the SOAP Formatter 58

                      Running the Example 60

              Controlling Formatter-Based Serialization 61

                      Running the Example 63

              Deep Serialization of Object Graphs 64

                      Running the Example 66

                      Handling Circular References in Object Graphs 67

              Cloning Objects via Deep Serialization 69

      Summary 71

Chapter 3: Designing Classes for Shallow Serialization 73

      Customizing XML Serialization from Inside a Serializable Class 74

              Implementing the Basic Student Application 75

                      Implementing the Student Class 76

                      Implementing the Address Class 79

                      Implementing the MainClass 80

                      Running the Application 82

              Custom Serialization Using XML Attributes 84

                      Formatting the XML Document Element 86

                      Formatting XML Elements 87

                      Formatting XML Attributes 88

                      Defining Qualified Namespaces for Elements and Attributes 89

                      Formatting Text Content 90

                      Defining Data Types for Elements and Attributes 91

                      Specifying Alternative Names for Enumeration Identifiers 94

                      Serializing Polymorphic Arrays 95

                      Defining Nullable Object References 97

                      Defining Ignorable Fields and Properties 98

                      Effect of Custom Formatting on the Serialized Student Data 99

      Customizing XML Serialization to SOAP-Encoded Format 100

              Serializing the Student Application to SOAP-Encoded XML Format 100

                      Modifying the Student Class 101

                      Modifying the MainClass 101

                      Running the Application 103

              Custom Serialization to SOAP-Encoded Format Using SOAP Attributes 105

                      Modifying the Student Class 107

                      Running the Application 109

      Summary 110

Chapter 4: Designing Classes for Deep Serialization 113

      Custom Formatted Serialization Using ISerializable 114

              Defining a Custom Serialization Format 116

                      Implementing the Original InvestmentPlan Class 117

                      Implementing the MainForm 119

                      Running the Application 122

                      Improving InvestmentPlan By Customizing the Serialization Format 125

                      Running the Application 128

      Using Helper Classes to Control Deserialization 129

              Serializing and Deserializing an Existing .NET Singleton Type 130

              Serializing and Deserializing Custom Singleton Types 134

                      A Tour of the Radio Station Application 135

                      Implementing the Station Class 138

                      Implementing the AssignedStation Class 139

                      Implementing the UnassignedStation Class 140

                      Implementing the UnassignedStationSerializerHelper Class 142

                      Implementing the MainForm Class 143

                      Running the Application 146

                      Viewing the Serialized Data 147

      Deserializing Complex Object Graphs Correctly 148

              Using IDeserializationCallback 150

                      Implementing the Bank Class 151

                      Implementing the Account Class 153

                      Implementing the Customer Class 154

                      Implementing the Serialization Code 155

                      Implementing the Deserialization Code 156

                      Running the Example 156

      Summary 157

Chapter 5: Advanced Shallow Serialization Techniques 159

      Handling Unknown Content During XML Deserialization 160

              Ignoring Unknown Content 161

              Detecting Unknown Content 166

                      Tracing Unknown Content 173

              Processing Unknown Content 174

      Overriding Default XML Serialization 183

              Overriding Literal-Encoded XML Serialization 184

                      Overriding How a Data Type is Serialized as a Root Element 189

                      Overriding How Fields and Properties are Serialized as Elements 190

                      Overriding How Fields and Properties are Serialized as Attributes 192

                      Overriding How Fields and Properties are Serialized as Text 193

                      Overriding How Enumeration Identifiers are Serialized 193

                      Overriding How Arrays and Array Items are Serialized 194

                      Overriding Whether Fields and Properties Should Be Ignored During Serialization


                      Combining All of the Overrides 196

                      Testing the Application 198

              Overriding SOAP-Encoded XML Serialization 199

                      Using the SoapAttributes and SoapAttributeOverrides Classes 199

                      Example of Overriding SOAP-Encoded XML Serialization 202

                      Testing the Application 206

      Summary 207

Chapter 6: Advanced Deep Serialization Techniques 211

      Using Surrogates to Make Classes Serializable 212

              Using Surrogates to Serialize Public State 213

                      Implementing the Account Class 214

                      Implementing the AccountSurrogate Class 215

                      Implementing the AccountForm Class 216

                      Running the Application 219

              Using Surrogates with Reflection 220

                      Modifying the Account Class 221

                      Rewriting the AccountSurrogate Class 222

                      Running the Application 223

              Grouping Surrogates in a Surrogate Selector 225

                      Modifying the Account Class 226

                      Modifying the AccountForm Class 227

                      Implementing the TransactionSurrogate Class 228

                      Running the Application 229

              Chaining Surrogate Selectors Together 230

                      Modifying the Account Class 233

                      Modifying the AccountForm Class 234

                      Implementing the AccountSummarySurrogate Class 238

                      Running the Application 239

              Using Surrogate Classes Effectively 240

      Changing Type or Assembly on Deserialization 241

              Handling Versioning Issues Using SerializationBinder 242

                      Serializing Objects in the Original Assembly Version 242

                      Running the Application 244

                      Deserializing Objects into a Different Assembly Version 245

                      Running the Application 249

      Creating Custom Formatters 250

              The IFormatter Interface 251

                      Implementing a Custom Formatter 252

                      Running the Application 254

      Summary 255

Chapter 7: Using .NET Serialization Securely 259

      Serialization Security Overview 259

              What are the Security Issues with Serialization? 260

                      Manipulating Sensitive Data 260

                      File System Foibles 262

              Roadmap for the Chapter 262

      What is Code Security? 263

              Types of Security 263

              Code Security in the .NET Framework 264

                      Code Groups 265

              The Luring Attack 268

                      The Stack Walk 268

                      Forcing a Stack Walk with Demand 270

              .NET Code Security System in Brief 275

      Code Security and Serialization 275

              Serialization is a High Privilege 275

                      Using Visibility Attributes Effectively 276

                      Deserializing Sensitive State 278

                      What about the User? 278

                      Fully Trusted Trojan Horses 279

              Overriding the Security System 279

                      Asserting Yourself 280

      Safely Storing Serialized State 282

              File Storage and Partial Trust 282

                      What is Canonicalization? 282

                      Elevation of Privilege Attacks 284

              Using Isolated Storage 287

      Encryption and Serialization 289

              Encryption Overview 290

                      Symmetric Cryptosystems 291

                      Asymmetric Cryptosystems 292

                      Combined Cryptosystems 293

              Implementing Encrypted Serialization 294

                      Using CryptoStreams 295

                      Serialization and Deserialization with Encryption 296

                      Using Encryption Effectively 297

              The Future of Encryption and Serialization 298

      Summary 299

Appendix A: Support, Errata, and Code Download 301

      How to Download the Sample Code for the Book 301

      Errata 302

      E-Mail Support 302

      p2p.wrox.com 303

Index 305