反射破坏单例 单例模式一般构造方法都是private,目的就是为了防止外界调用私有构造器创建多个实例,通过一个public的共有方法作为外界获取实例的唯一入口,从而实现单例。 但是反射能够访问私有的构造方法,只要反射获取的构造器调用 setAccessible(true) 方法即可。这样调用一次就会产生一个实例,调用多次就时多个实例,从而破坏单例。如何防止: 只要在单例的私有构造器中添加判断单例是否已经构造的代码,如果单例之前已经构造,则抛出异常,如果没有构造,则无所谓。如下 //单例被破坏则抛异常 private SingleTon1() { if(singleTon1 != null) { throw new RuntimeException(); } } 单例完整代码: public class SingleTon1 { private static SingleTon1 singleTon1 = new SingleTon1(); private SingleTon1() { if(singleTon1 != null) { throw new RuntimeException(); } } public static SingleTon1 getSingleTon1() { return singleTon1; } } 测试: 反射测试代码: public static void main(String[] args) throws Exception { Constructorconstructor=SingleTon1.class.getDeclaredConstructor(); constructor.setAccessible(true); SingleTon1 s1=constructor.newInstance(); SingleTon1 s2=constructor.newInstance(); System.out.println(s1); System.out.println(s2); } 结果:抛出异常,阻止了调用私有构造器 Exception in thread "main" java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source) at java.lang.reflect.Constructor.newInstance(Unknown Source) at singleTonDestory.test.main(test.java:21) Caused by: java.lang.RuntimeException at singleTonDestory.SingleTon1. (SingleTon1.java:13) ... 5 more 序列化破坏单例 添加readResolve方法就可以防止破坏单例 public class SingleTon1 implements Serializable{ private static SingleTon1 singleTon1 = new SingleTon1(); private SingleTon1() { if(singleTon1 != null) { throw new RuntimeException(); } } public static SingleTon1 getSingleTon1() { return singleTon1; } //防止反序列化破坏单例,反序列化时,如果定义了readResolve方法,则直接返回吃方法指定的对象,而不需要单独再创建对象 private Object readResolve() throws ObjectStreamException{ return singleTon1; } } 添加readResolve方法,反序列化时,会直接返回该方法指定的对象,不需要创建对象。 测试: 序列化测试代码: public static void main(String[] args) throws Exception { //通过方法获取两个一样的单例 SingleTon1 s1 = SingleTon1.getSingleTon1(); SingleTon1 s2 = SingleTon1.getSingleTon1(); //序列化到磁盘(保存对象) FileOutputStream fos = new FileOutputStream("d:/a.txt"); ObjectOutputStream oos = new ObjectOutputStream(fos); oos.writeObject(s1); oos.close(); fos.close(); //从磁盘发序列化(获取对象) FileInputStream fis = new FileInputStream("D:/a.txt"); ObjectInputStream ois = new ObjectInputStream(fis); SingleTon1 s= (SingleTon1) ois.readObject(); System.out.println(s); System.out.println(s1); System.out.println(s2); } 结果: singleTonDestory.SingleTon1@5c647e05 singleTonDestory.SingleTon1@5c647e05 singleTonDestory.SingleTon1@5c647e05 从结果可以看出,防止了序列化破坏单例。 来源:blog.csdn.net/weixin_42130471/article/details/89602999