How do I send async HTTP requests with HttpClient?

By I Wayan Saryada in HttpClient, Net Package 0 Comment

To send asynchronous HTTP requests in Java using the java.net.http.HttpClient, you use the sendAsync() method. This method returns a CompletableFuture<HttpResponse<T>>, allowing you to handle the response without blocking the main thread.

Here is a step-by-step example of how to implement this:

1. Basic Asynchronous GET Request

This example demonstrates how to fire a request and handle the result using thenAccept.

package org.kodejava.httpclient;

import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.util.concurrent.CompletableFuture;

public class AsyncRequestExample {
    public static void main(String[] args) {
        // 1. Create the HttpClient
        HttpClient client = HttpClient.newHttpClient();

        // 2. Build the HttpRequest
        HttpRequest request = HttpRequest.newBuilder()
                .uri(URI.create("https://jsonplaceholder.typicode.com/posts/1"))
                .GET()
                .build();

        // 3. Send the request asynchronously
        CompletableFuture<HttpResponse<String>> responseFuture =
                client.sendAsync(request, HttpResponse.BodyHandlers.ofString());

        // 4. Handle the response when it arrives
        responseFuture.thenAccept(response -> {
            System.out.println("Status Code: " + response.statusCode());
            System.out.println("Response Body: " + response.body());
        }).exceptionally(ex -> {
            System.err.println("Error occurred: " + ex.getMessage());
            return null;
        });

        // The program continues here immediately while the request is in flight
        System.out.println("Request sent! Doing other things...");

        // Optional: Block if you need to wait for the result before the program exits
        responseFuture.join();
    }
}

2. Chaining and Transforming Results

Because sendAsync returns a CompletableFuture, you can chain operations like extracting the body or converting JSON.

CompletableFuture<String> bodyFuture = client.sendAsync(request, HttpResponse.BodyHandlers.ofString())
        .thenApply(HttpResponse::body)       // Transform response to just the body
        .thenApply(String::toUpperCase);      // Further transform the string

bodyFuture.thenAccept(System.out::println);

Key Components

  • sendAsync(request, bodyHandler): The non-blocking counterpart to send().
  • HttpResponse.BodyHandlers: Defines how to handle the incoming data (e.g., ofString(), ofByteArray(), or ofFile()).
  • CompletableFuture: Provides methods like .thenApply() (map), .thenAccept() (consume), and .exceptionally() (error handling).

Best Practices

  • Reuse the Client: Don’t create a new HttpClient for every request. It’s designed to be long-lived and shared.
  • Executor Service: By default, HttpClient uses a default executor. For high-load applications, you can provide your own thread pool when building the client: 
    HttpClient client = HttpClient.newBuilder()
            .executor(Executors.newFixedThreadPool(10))
            .build();

  • Join/Get: In a console application, use .join() or .get() at the very end to prevent the main method from finishing (and the JVM exiting) before the background thread completes.

How do I use memory mapped files with FileChannel.map()?

By I Wayan Saryada in IO 0 Comment

Using FileChannel.map() allows you to map a region of a file directly into memory. This creates a MappedByteBuffer, which acts like a bridge between your application’s memory and the file on disk. The operating system handles the actual reading and writing in the background, making it extremely efficient for large files.

Here is how you can use it for both reading and writing.

1. Reading from a Memory-Mapped File

To read, open the channel with StandardOpenOption.READ and use MapMode.READ_ONLY.

import java.nio.MappedByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;

public class MemoryMappedExample {
    public void readMappedFile(Path path) throws IOException {
        try (FileChannel channel = FileChannel.open(path, StandardOpenOption.READ)) {
            long size = channel.size();

            // Map the entire file for reading
            MappedByteBuffer buffer = channel.map(FileChannel.MapMode.READ_ONLY, 0, size);

            // Access data directly from memory
            while (buffer.hasRemaining()) {
                byte b = buffer.get();
                // Process byte...
            }
        }
    }
}

2. Writing to a Memory-Mapped File

To write, you must open the channel with both READ and WRITE options (even if you only intend to write) and use MapMode.READ_WRITE.

public void writeMappedFile(Path path) throws IOException {
    // Files must be opened for both READ and WRITE to use MapMode.READ_WRITE
    try (FileChannel channel = FileChannel.open(path, 
            StandardOpenOption.READ, 
            StandardOpenOption.WRITE, 
            StandardOpenOption.CREATE)) {

        long size = 1024 * 1024; // Map 1MB
        MappedByteBuffer buffer = channel.map(FileChannel.MapMode.READ_WRITE, 0, size);

        // Writing to the buffer automatically writes to the file
        buffer.putInt(12345);
        buffer.put("Hello Memory!".getBytes());

        // Force changes to storage to ensure they are written to disk
        buffer.force();
    }
}

Key Considerations

  • Map Modes:
    • READ_ONLY: Any attempt to modify the buffer results in a ReadOnlyBufferException.
    • READ_WRITE: Changes to the buffer are eventually propagated to the file.
    • PRIVATE: “Copy-on-write” mode. Changes are local to the buffer and not saved to the file.
  • Size Limits: On 32-bit JVMs, you cannot map more than 2GB at once because of address space limits. On 64-bit systems, you can map much larger regions, but a single MappedByteBuffer is still limited to Integer.MAX_VALUE bytes (approx 2GB). To handle larger files, you must create multiple mappings.
  • Performance: Memory mapping is most beneficial for large files accessed frequently or randomly. For small, sequential reads, standard BufferedInputStream might be simpler and just as fast.
  • Unmapping: Java does not provide an explicit “unmap” method. The mapping remains until the MappedByteBuffer object is garbage collected. Closing the FileChannel does not unmap the file.

How do I use ObjectOutputStream with record?

By I Wayan Saryada in IO 0 Comment

To use ObjectOutputStream with a Java record, you need to make the record implement the java.io.Serializable interface.

One of the great things about records is that they are designed to be “data carriers,” and Java’s serialization mechanism handles them more robustly and securely than regular classes. Specifically, records are serialized using only their components (the fields defined in the header), and the deserialization process uses the record’s canonical constructor, ensuring that any validation logic you’ve placed there is always executed.

Here is a complete example of how to write a record to a file and read it back:

1. Define the Record

Make sure it implements Serializable.

package org.kodejava.io;

import java.io.Serializable;

/**
 * A simple record representing a Person.
 * Records are implicitly final and their fields are private and final.
 */
public record Person(String name, int age) implements Serializable {
    // Compact constructor for validation
    public Person {
        if (age < 0) {
            throw new IllegalArgumentException("Age cannot be negative");
        }
    }
}

2. Serialize and Deserialize

Use ObjectOutputStream to write the object and ObjectInputStream to read it.

package org.kodejava.io;

import java.io.*;

public class RecordSerializationDemo {
    public static void main(String[] args) {
        String filename = "person.ser";
        Person person = new Person("John Doe", 30);

        // 1. Serialize the record
        try (FileOutputStream fos = new FileOutputStream(filename);
             ObjectOutputStream oos = new ObjectOutputStream(fos)) {

            oos.writeObject(person);
            System.out.println("Record saved: " + person);

        } catch (IOException e) {
            e.printStackTrace();
        }

        // 2. Deserialize the record
        try (FileInputStream fis = new FileInputStream(filename);
             ObjectInputStream ois = new ObjectInputStream(fis)) {

            Person savedPerson = (Person) ois.readObject();
            System.out.println("Record loaded: " + savedPerson);

        } catch (IOException | ClassNotFoundException e) {
            e.printStackTrace();
        }
    }
}

Key Points to Remember:

  • Immutability: Since records are immutable, serialization is very straightforward.
  • No serialVersionUID Required (mostly): While you can define a serialVersionUID, Java’s serialization for records ignores the field-matching rules that usually require it. The serialization is based strictly on the component names.
  • Security: Records are less susceptible to “deserialization attacks” because they don’t allow the creation of “ghost” objects; they must go through the canonical constructor.
  • Customization: Records do not support writeObject, readObject, readObjectNoData, or writeExternal methods. If you need custom serialization logic, you should use a regular class instead.

How do I serialize and deserialize objects safely?

By I Wayan Saryada in IO 0 Comment

In a modern Java environment, “safely” means avoiding the pitfalls of standard Java Serialization, which is often vulnerable to gadget attacks and remote code execution.

Here are the best practices for safe serialization and deserialization:

1. Prefer Data-Only Formats (JSON/XML)

Instead of standard Java serialization, use JSON with a library like Jackson (already common in Spring projects). It separates data from logic, making it much harder for an attacker to trigger malicious code during deserialization.

Example using Jackson:

import com.fasterxml.jackson.databind.ObjectMapper;

public class SerializationDemo {
    private final ObjectMapper mapper = new ObjectMapper();

    public String serialize(Object obj) throws Exception {
        return mapper.writeValueAsString(obj);
    }

    public <T> T deserialize(String json, Class<T> clazz) throws Exception {
        // Safe because it only maps data to fields in the specified class
        return mapper.readValue(json, clazz);
    }
}

2. If You Must Use Java Serialization: Use Filtered Deserialization

If you are forced to use java.io.Serializable, you should implement a SerializationFilter. Introduced in Java 9 (and perfected in later versions), this allows you to “allowlist” only the classes you expect.

Example of an ObjectInputFilter:

import java.io.*;

public class SafeDeserializer {
    public static Object deserialize(byte[] data) throws IOException, ClassNotFoundException {
        try (ByteArrayInputStream bais = new ByteArrayInputStream(data);
             ObjectInputStream ois = new ObjectInputStream(bais)) {

            // Allow ONLY specific classes (and primitives/arrays)
            ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
                "com.yourpackage.MySafeClass;java.base/*;!*"
            );
            ois.setObjectInputFilter(filter);

            return ois.readObject();
        }
    }
}

3. Use transient for Sensitive Data

Always mark fields that shouldn’t be serialized (like passwords, tokens, or internal state) as transient.

public class User implements Serializable {
    private String username;
    private transient String password; // Will not be saved/transmitted
}

4. Implement readObject for Validation

If you use standard serialization, override readObject to validate the object’s state after it is reconstructed. This prevents “half-baked” or illegal objects from being created.

private void readObject(ObjectInputStream ois) throws IOException, ClassNotFoundException {
    ois.defaultReadObject();
    // Validate state
    if (this.age < 0) {
        throw new InvalidObjectException("Age cannot be negative");
    }
}

Summary of “Safe” Rules:

  1. Don’t accept serialized objects from untrusted sources.
  2. Use JSON/Jackson whenever possible (it’s the industry standard for a reason).
  3. Use allowlists (via ObjectInputFilter) if you use native Java serialization.
  4. Keep dependencies updated to patch known “gadget” classes that attackers use to exploit deserialization.

How do I use ByteBuffer to process binary files?

By I Wayan Saryada in IO 0 Comment

Using ByteBuffer to process binary files is a core part of Java NIO (New I/O). It provides a more efficient way to handle raw bytes compared to traditional stream-based I/O by allowing direct interaction with memory and OS-level optimizations.

Here is a guide on how to effectively use ByteBuffer for binary file processing.

1. The Core Lifecycle of a Buffer

When processing files, you’ll constantly switch between “writing” to the buffer (filling it from a file) and “reading” from it (processing the bytes).

  1. Allocate: Create a buffer.
  2. Write/Fill: Put data into the buffer (using channel.read(buffer) or buffer.put()).
  3. Flip: Call flip() to switch from writing mode to reading mode.
  4. Read/Process: Get data out (using buffer.get()).
  5. Clear/Compact: Call clear() to prepare for the next fill.

2. Reading a Binary File

To read a file, you use a FileChannel to fill your ByteBuffer. For binary data, you can extract specific types like int, long, or double directly.

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;

public class BinaryReader {
    public void readBinaryData(Path path) throws IOException {
        try (FileChannel channel = FileChannel.open(path, StandardOpenOption.READ)) {
            // Allocate a buffer (8KB is a common size)
            ByteBuffer buffer = ByteBuffer.allocate(8192);

            while (channel.read(buffer) != -1) {
                // 1. Prepare for reading
                buffer.flip();

                // 2. Process data (e.g., reading 4-byte integers)
                while (buffer.remaining() >= 4) {
                    int value = buffer.getInt(); 
                    System.out.println("Read value: " + value);
                }

                // 3. Prepare for next read from channel
                buffer.compact(); // Keeps unprocessed bytes at the start
            }
        }
    }
}

3. Writing a Binary File

When writing, you fill the buffer with values and then “drain” it into the FileChannel.

public void writeBinaryData(Path path) throws IOException {
    try (FileChannel channel = FileChannel.open(path, 
            StandardOpenOption.CREATE, StandardOpenOption.WRITE)) {

        ByteBuffer buffer = ByteBuffer.allocate(1024);

        // Put various binary types
        buffer.putInt(42);
        buffer.putDouble(3.14159);
        buffer.putLong(System.currentTimeMillis());

        // Prepare for the channel to read from this buffer
        buffer.flip();

        while (buffer.hasRemaining()) {
            channel.write(buffer);
        }
    }
}

4. Key Considerations for Binary Files

  • Byte Order (Endianness): Binary formats often specify a byte order (Big-Endian or Little-Endian). You can set this easily:
buffer.order(java.nio.ByteOrder.LITTLE_ENDIAN);
  • Direct vs. Heap Buffers:
    • ByteBuffer.allocate(size): Creates a buffer on the Java heap.
    • ByteBuffer.allocateDirect(size): Allocates memory outside the JVM heap. Use this for large, long-lived buffers or when performance is critical, as it allows the OS to perform I/O directly without extra memory copies.
  • Memory Mapping: For extremely large files (larger than your available RAM), use channel.map(). This maps the file directly into virtual memory, allowing you to treat the entire file like a huge ByteBuffer without manual read() calls.

Summary of Methods

Method Purpose
flip() Switches from writing to reading.
clear() Resets the buffer (doesn’t erase data, just pointers) for a fresh start.
compact() Moves leftover bytes to the start; useful if you didn’t finish reading everything.
rewind() Resets position to 0 so you can read the same data again.
get...() / put...() Typed methods (e.g., getInt, putLong) to handle primitive binary types.