
Java: What can and what can't be serialized?

If the Serializable interface is just a marker interface that is used for passing some sort of metadata about classes in Java - I'm a bit confused:

After reading the process of Java's serialization algorithm (metadata bottom-to-top, then actual instance data top-to-bottom), I can't really understand what data cannot be processed through that algorithm.

In short and formal:

  1. What data may cause the NotSerializableException?
  2. How should I know that I am not supposed to add the implements Serializable clause for my class?
MordechayS asked May 31 '13 06:05



2 Answers

When you are talking about NotSerializableException, it is thrown when you want to serialize an object which has not been marked as Serializable - that's all, although when you extend a non-serializable class and add the Serializable interface, it is perfectly fine.

There is no data that can't be serialized.

Michal Borek answered Sep 24 '22 14:09


First of all, if you don't plan to ever serialize an instance of your class, there is no need to even think about serializing it. Only implement what you need, and don't try to make your class serializable just for the sake of it.

If your object has a reference (transitive or direct) to any non-serializable object, and this reference is not marked with the transient keyword, then your object won't be serializable.

Generally, it makes no sense to serialize objects that can't be reused when deserialized later or somewhere else. This could be because the state of the object is only meaningful here and now (if it has a reference to a running thread, for example), or because it uses some resource like a socket, a database connection, or something like that. A whole lot of objects don't represent data, and shouldn't be serializable.

JB Nizet answered Sep 23 '22 14:09
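The cases both answers describe, as an added example that is not part of either answer: a non-transient reference to a non-serializable object, the same field marked transient, and a Serializable class extending a non-serializable parent. All class names (`Connection`, `BadSession`, `GoodSession`, `Base`, `Child`) are hypothetical and constructed for the demonstration.

```java
import java.io.*;

public class SerializationDemo {
    // Not Serializable: stands in for a socket, thread or database connection.
    static class Connection { }

    // Serializable, but holds a non-transient reference to a non-serializable object.
    static class BadSession implements Serializable {
        String user = "alice";
        Connection conn = new Connection();
    }

    // Same shape; the transient field is skipped on write and is null after read.
    static class GoodSession implements Serializable {
        String user = "alice";
        transient Connection conn = new Connection();
    }

    // Non-serializable parent: its fields are not written, and its no-arg
    // constructor runs again during deserialization.
    static class Base { int counter = 1; }
    static class Child extends Base implements Serializable { String name = "child"; }

    static Object roundTrip(Object o) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) {
            out.writeObject(o);
        }
        try (ObjectInputStream in =
                 new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        try {
            roundTrip(new BadSession());
        } catch (NotSerializableException e) {
            System.out.println("BadSession rejected, offending class: " + e.getMessage());
        }
        GoodSession g = (GoodSession) roundTrip(new GoodSession());
        System.out.println("GoodSession user=" + g.user + " conn=" + g.conn);
        Child c = new Child();
        c.counter = 42;
        c.name = "changed";
        Child back = (Child) roundTrip(c);
        System.out.println("Child name=" + back.name + " counter=" + back.counter);
    }
}
```

The parent-class case is the one to watch in review: state held in a non-serializable superclass is silently reset by its constructor rather than restored, so any invariant that depends on it must be re-established after deserialization.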