Purpose of Serialization in webapplication

Question

1. Where is the usage of serialization in a webapplication.

2. Is it necessary that a form bean is serializable.

3. In tomcat what is the usage of sessions.ser file..

Answer 1

For your first and second question, have a look at this SO thread. Regarding your 3rd question, sessions.ser is a serialized session. However,

1. Yes, we need serialization whenever we need to persist objects in file system or send objects over the wire. You might think that in a web application we don't necessarily do that. But the server usually require a serializable thing in case it is needed in future when you switch to a clustered environment or want to pass your bean to a remote component, i.e. EJB component. Or you might want to store your bean into a session, for that reason your beans should be serializable.

2. Yes, for the same reason, stated above.

3. sessions.ser is a serialized session. Tomcat persisted it, so it can be recovered later. Now you had an idea that why we need serializable beans, because you might want to store bean objects to the session and Tomcat persist session to the file system, i.e. session.ser. So, your beans must implement Serializable so they can be persisted/recovered with the session.

By the way, the correctness of persisting and recovering of bean depends on the correct implementation of Serializable. For that I would recommend you to read the related topics in Effective Java.

Answer 2

1) It is an app server dependent feature but the Servlet Spec says that if the servlet container wants to support distributed environments (sharing sessions across instances) and the like that it must accept objects that implement Serializable and be able to migrate them. Tomcat also supports storing the session state across server restarts for session objects that are serializable. You can turn this feature of Tomcat on or off in the conf/context.xml file (see comments there).

2) It would only be neceesary for a form bean to be Serializable if a) it is session scoped and b) you are using either distributed sessions or a feature such as Tomcat uses to persist the session which requires it.

3) The sessions.ser file is the file containing the serialized objects from the session. Tomcat uses this to preserve them across restarts of the server if you have it configured to do so (see above). In general a .ser file is a serialized Java object, which is a binary representation of the state of the object.