Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Serialization to a blob in a db  RSS feed

 
Bill Romere
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Task:
I would like to serialize a signature that is obtained from a user signing in a canvas to a blob in a table. Also allow the info to be retrieved from the table and redisplayed upon need. (Or some other way if better)
Has anyone done this? If so, can you shed some light on the way to do this?
Thanks for your advice in advance!
 
Chad McGowan
Ranch Hand
Posts: 265
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Instead of serializing the object, why not just make an image out of the signature and save it as gif or jpg by writing the byte stream to the db? You can look at the java advanced imaging package for more help on this.
 
Bill Romere
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Security issues woudl be the first thing to come to mind on that as a solution. This needs to be done in a secure manner.
Thanks for the thought on it. Any ideas on a more secure solution?
 
Peter den Haan
author
Ranch Hand
Posts: 3252
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, storing a serialized object is just as insecure as storing a plain gif. Security through obscurity is no security at all -- in fact, because of the warm fuzzy feeling it gives it can be worse than having no security at all.
If you need to be tamper-resistant (most likely), take a digital signature of the image and store it in an additional field in the database. If you choose serialization, you can use a signed object wrapper. If things need to remain secret, you can use either symmetric or asymmetric encryption. Again, there is a nice wrapper available for encrypted serialization of Java objects.
- Peter
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!