Java Serialization

Java provides a mechanism for object serialization, in which an object can be represented as a byte sequence, which includes the data of the object, information about the object's type, and the types of data stored in the object.

After the serialized object is written to a file, it can be read from the file and deserialized, that is, the type information of the object, the data of the object, and the data types within the object can be used to create a new object in memory.

The entire process is independent of the Java Virtual Machine (JVM), which means that an object serialized on one platform can be deserialized on another completely different platform.

The ObjectInputStream and ObjectOutputStream classes are high-level data streams that contain methods for deserializing and serializing objects.

The ObjectOutputStream class contains many write methods to write various data types, but there is an exception to this:

public final void writeObject(Object x) throws IOException

The above method serializes an object and sends it to the output stream. A similar ObjectInputStream class contains the following method for deserializing an object:

public final Object readObject() throws IOException,　
　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　ClassNotFoundException

This method retrieves the next object from the stream and deserializes the object. Its return type is Object, so you need to convert it to the appropriate data type.

To demonstrate how serialization works in Java, I will use the Employee class mentioned in the previous tutorial. Assume that we have defined the following Employee class, which implements the Serializable interface.

public class Employee implements java.io.Serializable
{
　　　public String name;
　　　public String address;
　　　public transient int SSN;
　　　public int number;
　　　public void mailCheck()
　　　{
　　　　　　System.out.println("Mailing a check to "　+　name
　　　　　　　　　　　　　　　　　　　　　　　　　　　+　"  "　+　address);
　　　}
}

Please note that in order for an object of a class to be successfully serialized, it must meet two conditions:

The class must implement the java.io.Serializable interface.

All properties of the class must be serializable. If there is a property that is not serializable, then this property must be marked as transient.

If you want to know whether a Java standard class is serializable, please refer to the documentation of the class. It is very simple to check whether an example of a class can be serialized, just check whether the class implements the java.io.Serializable interface.

Serializing an object

The ObjectOutputStream class is used to serialize an object. The following SerializeDemo instance demonstrates the serialization of an Employee object to a file.

After the execution of this program, a file named employee.ser is created. The program has no output, but you can understand the program's purpose by reading the code.

Note: When serializing an object to a file, according to Java's standard conventions, it is customary to give the file a .ser extension.

import java.io.*;
　
public class SerializeDemo
{
　　　public static void main(String[] args)
　　　{
　　　　　　Employee e = new Employee();
　　　　　　e.name = "Reyan Ali";
　　　　　　e.address = "Phokka Kuan, Ambehta Peer";
　　　　　　e.SSN =　11122333;
　　　　　　e.number =　101;
　　　　　　try
　　　　　　{
　　　　　　　　　FileOutputStream fileOut =
　　　　　　　　　new FileOutputStream("/tmp/employee.ser);
　　　　　　　　　ObjectOutputStream out = new ObjectOutputStream(fileOut);
　　　　　　　　　out.writeObject(e);
　　　　　　　　　out.close();
　　　　　　　　　fileOut.close();
　　　　　　　　　System.out.printf("Serialized data is saved in　/tmp/employee.ser);
　　　　　　}catch(IOException i)
　　　　　　{
　　　　　　　　　　i.printStackTrace();
　　　　　　}
　　　}
}

Deserializing an object

The following DeserializeDemo program demonstrates deserialization,/tmp/employee.ser stores the Employee object.

import java.io.*;
　
public class DeserializeDemo
{
　　　public static void main(String[] args)
　　　{
　　　　　　Employee e = null;
　　　　　　try
　　　　　　{
　　　　　　　　　FileInputStream fileIn = new FileInputStream("/tmp/employee.ser);
　　　　　　　　　ObjectInputStream in = new ObjectInputStream(fileIn);
　　　　　　　　　e = (Employee) in.readObject();
　　　　　　　　　in.close();
　　　　　　　　　fileIn.close();
　　　　　　}catch(IOException i)
　　　　　　{
　　　　　　　　　i.printStackTrace();
　　　　　　　　　return;
　　　　　　}catch(ClassNotFoundException c)
　　　　　　{
　　　　　　　　　System.out.println("Employee class not found");
　　　　　　　　　c.printStackTrace();
　　　　　　　　　return;
　　　　　　}
　　　　　　System.out.println("Deserialized Employee...");
　　　　　　System.out.println("Name: ");　+　e.name);
　　　　　　System.out.println("Address: ");　+　e.address);
　　　　　　System.out.println("SSN: ");　+　e.SSN);
　　　　　　System.out.println("Number: ")　+　e.number);
　　　　}
}

The compilation and running results of the above program are as follows:

Deserialized Employee...
Name: Reyan Ali
Address: Phokka Kuan, Ambehta Peer
SSN: 0
Number:101

Here are the following points to note:

try block in the readObject() method/The catch block tries to catch the ClassNotFoundException exception. For JVM to deserialize objects, the class must be able to find the bytecode. If the JVM cannot find the class during the deserialization process, it throws a ClassNotFoundException exception.

Note that the return value of the readObject() method is converted to an Employee reference.

The value of the SSN property is 111222333However, since this property is transient, the value has not been sent to the output stream. Therefore, the SSN attribute of the Employee object after deserialization is 0.