What is serialization in Java? How does it work?


amy

Nov 8, 2012, 7:17:47 PM
to aksfo...@googlegroups.com

vivek maurya

Nov 9, 2012, 1:11:27 AM
to aksfo...@googlegroups.com
Serialization is a mechanism which converts an object into a sequence of bytes which can be stored, and later those bytes can be used to rebuild it to the same status.
A class can enable serialization by implementing the Serializable interface. It is a marker interface. This interface tells the JVM that the implementing class can be serialized.
Sub-types of a serializable class are also serializable. The writeObject and readObject methods are used for the serialization process.
During the serialization process, the JVM needs an identifier to identify the class, which is called serialVersionID (of type Long).
The JVM also needs a no-arg constructor.




amy

Nov 9, 2012, 2:19:56 AM
to aksfo...@googlegroups.com

Serializing means that you put your structured data in your classes into a flat order of bytecode to save it.

You should generally use other techniques than the built-in Java method; it is just made to work out of the box, but if you have changing contents or a changing order in your serialized classes in the future, you get into trouble because you cannot load them correctly.

The advantage of Java Object Serialization (JOS) is that it just works. There are also tools out there that do the same as JOS, but use an XML format instead of a binary format.

About the length: JOS writes some class information at the start, instead of as part of each instance - e.g. the full field names are recorded once, and an index into that list of names is used for instances of the class. This makes the output longer if you write only one instance of the class, but is more efficient if you write several (different) instances of it. It's not clear to me if your example actually uses a class, but this is the general reason why JOS is longer than one would expect.

The reason why storing a tiny amount of information in serial form is relatively large is that it stores information about the classes of the objects it is serialising. If you store a duplicate of your list, then you'll see that the file hasn't grown by much. Store the same object twice and the difference is tiny.

The important pros are: relatively easy to use, quite fast and can evolve (just like XML). However, the data is rather opaque, it is Java-only, tightly couples data to classes and untrusted data can easily cause DoS. You should think about the serialised form, rather than just slapping implements Serializable everywhere.

 

 



amy

Nov 9, 2012, 2:22:26 AM
to aksfo...@googlegroups.com

The goals for serializing Java objects are to:

  • Have a simple yet extensible mechanism.
  • Maintain the Java object type and safety properties in the serialized form.
  • Be extensible to support marshaling and unmarshaling as needed for remote objects.
  • Be extensible to support simple persistence of Java objects.
  • Require per class implementation only for customization.
  • Allow the object to define its external format.

amy

Nov 10, 2012, 9:52:09 AM
to aksfo...@googlegroups.com
The mechanism does not depend on the operating system, which means you can transfer objects via your network and restore them at the other side of the wire.

amy

Nov 10, 2012, 9:53:10 AM
to aksfo...@googlegroups.com
With serialization, you can easily implement a so-called lightweight persistence, prolonging an object's life beyond the life of the application. The serialization mechanism has been added into the Java language for two reasons: (1) the JavaBeans mechanism uses serialization, and (2) remote method invocation (RMI) allows you to automatically use objects located at another host in the network just like any local objects.

amy

Nov 10, 2012, 9:57:48 AM
to aksfo...@googlegroups.com
In order to serialize an object, you need the output stream OutputStream, which must be put into the special serialization stream called ObjectOutputStream. After that, you only need to call the method writeObject() to serialize the object and send it to the output stream. In order to deserialize an object, you need to convert InputStream into ObjectInputStream and then call the readObject() method. As usual, you will get a reference to an Object type, so you'll also need to make a class cast to get an object of the required type.
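
The writeObject()/readObject() round trip described in the post above, as an added example that is not part of the original thread. It also sets an ObjectInputFilter (Java 9+) on the input stream, one mitigation for the untrusted-data concern raised earlier in the thread; the Account class, the sample values and the filter limits are assumptions made for illustration.

```java
import java.io.*;

public class SerializationRoundTrip {
    // Hypothetical sample class, constructed for this example.
    static class Account implements Serializable {
        private static final long serialVersionUID = 1L;
        final String owner;
        final String[] roles;
        transient String sessionToken; // transient: never written to the stream
        Account(String owner, String[] roles, String sessionToken) {
            this.owner = owner; this.roles = roles; this.sessionToken = sessionToken;
        }
    }

    // OutputStream -> ObjectOutputStream -> writeObject()
    static byte[] serialize(Object obj) throws IOException {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bytes)) {
            out.writeObject(obj);
        }
        return bytes.toByteArray();
    }

    // InputStream -> ObjectInputStream -> readObject(), with a filter (Java 9+)
    // that checks each class and the stream limits before objects are instantiated.
    static Object deserialize(byte[] data, String pattern)
            throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(ObjectInputFilter.Config.createFilter(pattern));
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Account original = new Account("amy", new String[] {"user"}, "constructed-token");
        byte[] data = serialize(original);

        // Allow-list the expected classes, cap depth/array/stream size, reject the rest.
        String allow = "SerializationRoundTrip$Account;java.lang.String;"
                + "maxdepth=5;maxarray=1000;maxbytes=65536;!*";
        Account copy = (Account) deserialize(data, allow); // the class cast from readObject()
        System.out.println(copy.owner + " " + copy.roles[0] + " token=" + copy.sessionToken);
        try {
            deserialize(data, "java.lang.String;!*"); // Account is not on this list
        } catch (InvalidClassException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The transient field comes back as null after the round trip, and the second call fails with an InvalidClassException because the stream names a class the filter does not allow.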