xdocs/ElementSerializers.xml - commons-jcs - Git at Google

 <?xml version="1.0"?>
 	<!--
 		Licensed to the Apache Software Foundation (ASF) under one or more
 		contributor license agreements. See the NOTICE file distributed with
 		this work for additional information regarding copyright ownership.
 		The ASF licenses this file to you under the Apache License, Version
 		2.0 (the "License"); you may not use this file except in compliance
 		with the License. You may obtain a copy of the License at
 		http://www.apache.org/licenses/LICENSE-2.0 Unless required by
 		applicable law or agreed to in writing, software distributed under the
 		License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 		CONDITIONS OF ANY KIND, either express or implied. See the License for
 		the specific language governing permissions and limitations under the
 		License.
 	-->
 <document>
 	<properties>
 		<title>Element Serializers</title>
 		<author email="tv@apache.org">Thomas Vandahl</author>
 	</properties>
 	<body>
 		<section name="Serializing and De-serializing Cache Objects">
 			<p> When using auxiliary caches, cache elements need to be serialized
                 into a byte stream in order to be stored on disk or transported
                 through a network. For reading from these caches, bytes must be
                 de-serialized into objects. By default, JCS uses the standard JDK
                 methods for serializing and de-serializing objects. However, all
                 of the auxiliaries also support setting a custom serializer to
                 have finer control of the behavior.</p>

 			<p> This document describes the built-in serializers and their
                 configuration.</p>
 		</section>
         <section name="Compressing Serializer">
             <p> The <code>CompressingSerializer</code> gzips the bytes
                 after serializing the cache object the default way. For reading,
                 the bytes will be de-compressed first and then de-serialized into
                 a Java object. The class can also be used as a wrapper around an
                 arbitrary class implementing <code>IElementSerializer</code>.</p>

             <p> The configuration for a typical application looks like this:</p>
             <source>
                 <![CDATA[
 # Block Disk Cache
 jcs.auxiliary.blockDiskCache=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheFactory
 jcs.auxiliary.blockDiskCache.attributes=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheAttributes
 jcs.auxiliary.blockDiskCache.attributes.DiskPath=target/test-sandbox/block-disk-cache
 jcs.auxiliary.blockDiskCache.serializer=org.apache.commons.jcs3.utils.serialization.CompressingSerializer
                 ]]>
             </source>
         </section>
         <section name="Encrypting Serializer">
             <p> The <code>EncryptingSerializer</code> uses AES to encrypt the bytes
                 after serializing the cache object the default way. For reading,
                 the bytes will be decrypted first and then de-serialized into
                 a Java object. The class can also be used as a wrapper around an
                 arbitrary class implementing <code>IElementSerializer</code>.</p>

             <p> The implementation uses a symmetrical pre-shared key phrase for
                 encrypting and decrypting the data. The key is salted separately
                 for each object and the salt is stored together with the serialized
                 data.</p>

             <p> The configuration for a typical application looks like this:</p>
             <source>
                 <![CDATA[
 # Block Disk Cache
 jcs.auxiliary.blockDiskCache2=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheFactory
 jcs.auxiliary.blockDiskCache2.attributes=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheAttributes
 jcs.auxiliary.blockDiskCache2.attributes.DiskPath=target/test-sandbox/block-disk-cache2
 jcs.auxiliary.blockDiskCache2.serializer=org.apache.commons.jcs3.utils.serialization.EncryptingSerializer
 jcs.auxiliary.blockDiskCache2.serializer.attributes.preSharedKey=my_secret
                 ]]>
             </source>

             <p> The AES cipher transformation default is AES/ECB/PKCS5Padding as this
                 algorithm must be supported by every JDK 8, according to the
                 <a href="https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html">docs</a>.
                 Special handling is provided for the AES/GCM/NoPadding algorithm which
                 can be activated like this:</p>
             <source>
                 <![CDATA[
 jcs.auxiliary.blockDiskCache2.serializer.attributes.aesCipherTransformation=AES/GCM/NoPadding
                 ]]>
             </source>

             <p> The encryption code uses the default constructor of SecureRandom() to create
                 a random number generator. Depending on your security requirements, you should
                 configure a SecureRandom that works for your environment, giving preference to
                 the ones with good randomness (given that your environment generates entropy fast
                 enough, we saw problems with Linux).</p>
         </section>
 	</body>
 </document>
	<?xml version="1.0"?>
	<!--
	Licensed to the Apache Software Foundation (ASF) under one or more
	contributor license agreements. See the NOTICE file distributed with
	this work for additional information regarding copyright ownership.
	The ASF licenses this file to you under the Apache License, Version
	2.0 (the "License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at
	http://www.apache.org/licenses/LICENSE-2.0 Unless required by
	applicable law or agreed to in writing, software distributed under the
	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
	CONDITIONS OF ANY KIND, either express or implied. See the License for
	the specific language governing permissions and limitations under the
	License.
	-->
	<document>
	<properties>
	<title>Element Serializers</title>
	<author email="tv@apache.org">Thomas Vandahl</author>
	</properties>
	<body>
	<section name="Serializing and De-serializing Cache Objects">
	<p> When using auxiliary caches, cache elements need to be serialized
	into a byte stream in order to be stored on disk or transported
	through a network. For reading from these caches, bytes must be
	de-serialized into objects. By default, JCS uses the standard JDK
	methods for serializing and de-serializing objects. However, all
	of the auxiliaries also support setting a custom serializer to
	have finer control of the behavior.</p>

	<p> This document describes the built-in serializers and their
	configuration.</p>
	</section>
	<section name="Compressing Serializer">
	<p> The <code>CompressingSerializer</code> gzips the bytes
	after serializing the cache object the default way. For reading,
	the bytes will be de-compressed first and then de-serialized into
	a Java object. The class can also be used as a wrapper around an
	arbitrary class implementing <code>IElementSerializer</code>.</p>

	<p> The configuration for a typical application looks like this:</p>
	<source>
	<![CDATA[
	# Block Disk Cache
	jcs.auxiliary.blockDiskCache=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheFactory
	jcs.auxiliary.blockDiskCache.attributes=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheAttributes
	jcs.auxiliary.blockDiskCache.attributes.DiskPath=target/test-sandbox/block-disk-cache
	jcs.auxiliary.blockDiskCache.serializer=org.apache.commons.jcs3.utils.serialization.CompressingSerializer
	]]>
	</source>
	</section>
	<section name="Encrypting Serializer">
	<p> The <code>EncryptingSerializer</code> uses AES to encrypt the bytes
	after serializing the cache object the default way. For reading,
	the bytes will be decrypted first and then de-serialized into
	a Java object. The class can also be used as a wrapper around an
	arbitrary class implementing <code>IElementSerializer</code>.</p>

	<p> The implementation uses a symmetrical pre-shared key phrase for
	encrypting and decrypting the data. The key is salted separately
	for each object and the salt is stored together with the serialized
	data.</p>

	<p> The configuration for a typical application looks like this:</p>
	<source>
	<![CDATA[
	# Block Disk Cache
	jcs.auxiliary.blockDiskCache2=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheFactory
	jcs.auxiliary.blockDiskCache2.attributes=org.apache.commons.jcs3.auxiliary.disk.block.BlockDiskCacheAttributes
	jcs.auxiliary.blockDiskCache2.attributes.DiskPath=target/test-sandbox/block-disk-cache2
	jcs.auxiliary.blockDiskCache2.serializer=org.apache.commons.jcs3.utils.serialization.EncryptingSerializer
	jcs.auxiliary.blockDiskCache2.serializer.attributes.preSharedKey=my_secret
	]]>
	</source>

	<p> The AES cipher transformation default is AES/ECB/PKCS5Padding as this
	algorithm must be supported by every JDK 8, according to the
	<a href="https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html">docs</a>.
	Special handling is provided for the AES/GCM/NoPadding algorithm which
	can be activated like this:</p>
	<source>
	<![CDATA[
	jcs.auxiliary.blockDiskCache2.serializer.attributes.aesCipherTransformation=AES/GCM/NoPadding
	]]>
	</source>

	<p> The encryption code uses the default constructor of SecureRandom() to create
	a random number generator. Depending on your security requirements, you should
	configure a SecureRandom that works for your environment, giving preference to
	the ones with good randomness (given that your environment generates entropy fast
	enough, we saw problems with Linux).</p>
	</section>
	</body>
	</document>