github
/
acme4j
mirror of https://github.com/shred/acme4j
1
0
Fork 0
Code Issues Releases Wiki Activity

Add note about usage of serialized resources

pull/55/head
Richard Körber 2018-01-14 14:19:42 +01:00
parent 1eb56ed8d6
commit c7917b3c44
No known key found for this signature in database
GPG Key ID: AAB9FD19C78AA3E0
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/site/markdown/usage/session.md
View File

@ -45,3 +45,5 @@ All resource objects are serializable, so the current state of the object can be
However the `Session` the object is bound with is _not_ serialized! This is because the `Session` object contains a copy of your private key. Not serializing it prevents that you unintentionally reveal your private key in a place with lowered access restrictions. However the `Session` the object is bound with is _not_ serialized! This is because the `Session` object contains a copy of your private key. Not serializing it prevents that you unintentionally reveal your private key in a place with lowered access restrictions.
This means that a deserialized object is not bound to a `Session` yet. It is required to rebind it to a `Session`, by invoking its `rebind()` method. This means that a deserialized object is not bound to a `Session` yet. It is required to rebind it to a `Session`, by invoking its `rebind()` method.
Serialization is only meant for short term storage at runtime, not for long term persistence. Do not share serialized data between different versions of _acme4j_.