I was trying to understand the concept behind the java serialization.
I know java serialization is required when you want to save state of an object outside JVM. My thinking was why don’t Sun make all classes as Serializable by default? Why Serializable interface required to persist an object?
I did google search to get answer for my questions.
Many of them gave definition as “It tells JVM to serialize object that are ready to transfer over outside JVM, also it make object as JVM independent.”
I am not satisfied with the above definition. I continued my search and found below understanding on serialization concept in Java.
- java.io.Serializable interface doesn’t add any overhead to JVM nor it does any magic in JVM processing.
- Using serialization concept an object can be exposed outside jvm it intern exposes private variables’ value which is violation of OOPS concept. By marking a class as Serializable, developers understand the security concern.
- JVM serializes complete object navigation graph. Sometime developer might intent to persist only top level object and forget to mark member variables as transient. In this case Serializable interface enforces developer to make conscious decision to persistent required classes.
java.io.Serializable interface is an design decision in Java to enforce developers to make conscious decision before exposing private variable.
Reference:
http://java.sun.com/javase/technologies/core/basic/serializationFAQ.jsp#whyserial
Venkat Sadasivam 
Leave a comment