如何在java中解组ruby对象？ [英] How do I unmarshal a ruby object in java?

问题描述

我有一个对象，我想抓住java中的内容。
唯一的问题是目前是红宝石。

I have a an object that I'd like to grab the contents of in java. The only problem is that is is currently in ruby.

irb(main):050:0> blah
=> "BAh7ByIeYXV0aGVudGljYXRpb25fc3RyYXRlZ2llczAiCXVzZXJpBg%253D%253D-\
-0cdecf4edfaa5cbe4693c9fb83b204c1256a54a6"

irb(main):049:0> Marshal.load(Base64.decode64(blah))
=> {"authentication_strategies"=>nil, "user"=>1}

我得到了base64部分好吧 - 所以现在一切都是以字节为单位。我如何访问第二个字符串？我认为可以用jruby完成一些事情，但我以前从未使用它，也不知道从哪里开始。

I got the base64 portion allright -- so now everything is in bytes. How would i access that 2nd string? I presume something can be done with jruby but I've never used it before and would have no clue where to start.

让我在这里详细说明我的问题。

let me elaborate on my problem here.

1）这些是我试图在tomcat上的servlet和apache上的merb应用程序之间共享的cookie

1) these are cookies that I'm trying to share between a servlet on tomcat and a merb app on apache

2）我不打算将它们存储在数据库中。我曾考虑过在memcached中使用它们，但出于其他原因我想将它们存储为cookie（是的，我很清楚所涉及的安全隐患）

2) I am not going to be storing them in the database. I have thought about using them in memcached but for other reasons I'd like to store them as cookies (yes I'm well aware of the security implications involved)

I我目前正在寻找jruby的Red Bridge / jruby-embed，但是因为这只有70个字节，所以我需要看一下，我觉得调用所有这些简单的开销是荒谬的。

I am currently looking at jruby's Red Bridge/jruby-embed, however since this is only like 70 bytes I need to look at I think it's ridiculous to call up all that overhead for something so simple.

而不是启动一个新问题....我现在的代码如下：

rather than start up a new question.... code I have right now looks like so:

        // using commons
        Base64 b64 = new Base64();
        byte[] decoded = b64.decode(cookie.getValue().getBytes());

        ScriptingContainer container = new ScriptingContainer();
        container.runScriptlet("la = Marshal.load(\"" + decoded + "\"); puts la.to_s;");

显然这不起作用因为marshal将检查解码后的前2个字节因为它与jruby的主要/次要版本不匹配而吓坏了...... hrmss ..

obviously this isn't going to work cause marshal is going to check the first 2 bytes of decoded and freak out since it doesn't match jruby's major/minor version....hrmss..

推荐答案

好的！这就是我所做的。让我重复一遍我的目的是从merb到一个在tomcat下运行的servlet的cookie会话。

Ok! This is what I did. Let me re-iterate my whole purpose here was to get a cookie session from merb to a servlet running under tomcat.

import java.io.*;
import java.util.*;
import org.jruby.embed.ScriptingContainer;
import org.apache.commons.codec.binary.Base64;
import javax.servlet.*;
import javax.servlet.http.*;

public class process extends HttpServlet {

  public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
   HttpSession session = request.getSession(true);

    PrintWriter out = response.getWriter();
    Cookie[] cookies = request.getCookies();

    for(int i=0; i<cookies.length; i++) {
      Cookie cookie = cookies[i];

      // base64 decode, then un-marshall ruby style...
      // finally figure out what to do with our session secret key
      if(cookie.getName().equals("_session_id")) {
        ScriptingContainer container = new ScriptingContainer();
        container.setWriter(out);
        container.runScriptlet("require 'base64'; puts \"" + cookie.getValue() + "\"; " +
                              "puts Marshal.load(Base64.decode64(\"" + cookie.getValue() + "\")).to_s; ");
      }                       

    } 

}     
}

显然这段代码可以清理很多 - 例如：将base64解码移回java - 但这将从merb获得一个cookie。现在我只需要在那里抛出验证器以确保它不是伪造的。

Obviously this code can be cleaned up quite a lot -- eg: moving the base64 decoding back to java -- but this will get a cookie from merb. Now I just need to throw the validator in there to make sure this isn't forged.

感谢大家的建议！

这篇关于如何在java中解组ruby对象？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！