0

I am trying to create a distributed processing system on Android through Bluetooth, so I created a class that implements Serializable, made a method to serialize and deserialize that object so that I can send it as a ByteArray. The problem is that I need each object to have a different code to be run on the other devices. I thought of overriding a method, then running that method on the other device, but when I do so, I get a NotSerializableException. Is there any way to fix that? Or if not, is there an alternative way to send different pieces of code to be executed on other devices?

Jean-Paul Manuel
  • 546
  • 2
  • 12
  • 29
  • Am I getting this right, you are going to write an app which receives code fragments from other devices, with the code being supposed to be arbitrary? If so, please work on a security concept first... – class stacker Mar 06 '13 at 12:32
  • That's right, and I will, but for now can you help for that specific question? – Jean-Paul Manuel Mar 06 '13 at 12:36
  • I'm not so sure the Android framework will support this. But technically, you may want to look at this: http://stackoverflow.com/questions/7980133/converting-a-given-class-lets-say-java-lang-object-to-a-byte-array-is-it-po – class stacker Mar 06 '13 at 12:45
  • Also, what do you mean security concept? – Jean-Paul Manuel Mar 06 '13 at 12:52
  • _If_ you get this up and running, someone is going to reverse engineer your app and use it to inject arbitrary code into other devices, which will then be run in the context of your app. – class stacker Mar 06 '13 at 12:57

1 Answers1

0

The default serialization mechanism is intended to provide a means to transfer the STATE of an object rather than the actual LOGIC of the class from which the object is derived. Therefore code contained in Methods is not (at least by default) Serializable.

SOLUTIONS

There are a number of approaches and/or strategies you could adopt to achieve or at least approximate the results you require; the bottom line is the server will need a copy of the class file you wish to execute:

Dynamic Method:

You could dispatch the "class" or the complete jar to the server dynamically as a standard file then use serialization to send the DETAILS (i.e name, signature, etc) of the method you wish to call from the client.

Static Method:

Place a copy of the application jar on the class path of the server as part of your build process.

Of course you could also implement the Externalizable Interface to define your own serialization mechanism and semantics. Let me know if you require any further information on this or any of the other methods I have outlined.

Giles Thompson
  • 1,097
  • 1
  • 9
  • 24