Serialization and Deserialization in JAVA

Serialization is the way to transform objects into a byte stream. so that it can be store in some persistent storage. Deserialization is the just opposite of what serialization does, convert byte streams to the object. The Serialization process is instance independent. Objects can be serialized on one platform and deserialized on another.

In this picture left side is the showcase of serialization, where an object is converted into byte stream, which can be stored in any persistent storage like- File, Database, or Memory. And the right side is deserialization where a stream of bytes is read from the storage and converted back to the object.

Classes that are eligible for serialization need to implement a special marker interface Serializable.
When deserializing the object, it does not use the constructor, it creates an empty object and uses reflection to write the whole data to the field.

While Serializing the object, the ObjectInputStream class writeObject(Object o) method will be used to write the object, while in process of deserializing ObjectOutputStream readObject() method will be used.

Advantage of Serialization —

1- Save/persist the state of the object
2- To travel object on the network

What is the need for SerialVersionUID?

The JVM associates a version (long) number with each serializable class. It is used to verify that the saved and loaded objects have the same attributes and thus are compatible with serialization.

This number can be generated automatically by most IDEs and is based on the class name, its attributes, and associated access modifiers. Any changes result in a different number and can cause an InvalidClassException.

If a serializable class doesn’t declare a serialVersionUID, the JVM will generate one automatically at run-time. However, it is highly recommended that each class declares its serialVersionUID as the generated one is compiler dependent and thus may result in unexpected InvalidClassExceptions.

Important points to note about Serialization-

1- Static fields in a class don’t serialize.
2- Transient keyword is used to make field ignore while serializing ( these will take default value).
3- When a class implements a Serializable interface, all its subclasses are serializable as well. When an object has a reference to another object, these objects must implement the serializable interface, or else NotSerializableException will be thrown.
4- If one of the fields in a serializable object consists of an array of objects, then all these objects must be serializable as well, or else a NotSerializableException will be thrown.

Externalizable in JAVA-

The Externalizable interface provides the facility of writing the state of an object into a byte stream in compressed format. It is not a marker interface.

The Externalizable interface provides two methods:

• public void writeExternal(ObjectOutput out) throws IOException
• public void readExternal(ObjectInput in) throws IOException

Reference- https://docs.oracle.com/javase/8/docs/api/java/io/Serializable.html