Serialization and Deserialization in Java

In Java, serialization plays a very important role it's something that we use a lot in our real life, even if we do not always notice it. Serialization helps us to save the current state of an object so that we can use it further and share complex data between different systems. In this article, we will discuss a lot more about serialization and deserialization in Java for better understanding and clarity.

What is Serialization and Deserialization?

Serialization is a mechanism of converting the state of an object into a byte stream.

Important Points of Serialisation:

• Platform-Independent: In Java, the serialization is a platform-independent process. It means that if we serialize an object using a byte stream on one platform can be easily deserialized on different platforms.
• Serializable Interface: If we want to make a class serializable, then it must implement the Serializable interface. This interface does not contain any methods or variables ( marker interface), but it gives a signal that the class is ready for serialization.

Deserialization is the reverse process where the byte stream is used to recreate the actual Java object in memory. This mechanism is used to persist the object.

Important Points of Deserialization:

• Rebuilds Objects: Deserialization takes the byte stream and turns it back into the original object with the same state as before.
• Platform-Independent: Deserialization works well with different platforms without any issues.
• Class Must Be Available: When we deserialize an object, it is necessary that the class definition be present in the program.

Visual Representation of Serialization and Deserialization Process

The image below demonstrates the process of serialization and deserialization.

Serialization Process: The byte stream created is platform independent. So, the object serialized on one platform can be deserialized on a different platform. To make a Java object serializable we implement the java.io.Serializable interface. The ObjectOutputStream class contains writeObject() method for serializing an Object.

public final void writeObject(Object obj)
throws IOException

Advantages of Serialization: 

• Persistence: The serialization allows us to save and persist the state of an object to a file or database. 
• Network Communication: Serialization is often used to transfer objects across a network, enabling the communication between different components and or systems.

Deserialization Process: The ObjectInputStream class contains readObject() method for deserializing an object. 
 

public final Object readObject()
throws IOException,
ClassNotFoundException

Advantages of Deserialization:

• It turns saved data back into the original objects, so everything works just like before.
• t helps different programs or systems share information easily by rebuilding objects from the saved data.

Serializable Interface and Marker Interfaces

Only the objects of those classes can be serialized which are implementing java.io.Serializable interface. Serializable is a marker interface (has no data member and method). It is used to "mark" java classes so that objects of these classes may get certain capability. Other examples of marker interfaces are:- Cloneable and Remote. 

Points to remember while using Serialization:

• Parent-Child Serialization: If a parent class has implemented Serializable interface then child class doesn't need to implement it but vice-versa is not true.
• Non-static Data Members: Only non-static data members are saved via Serialization process. Static variable are not serialized becaue they are not associated with any specific instance. 
• Transient Data Members: Static data members and transient data members are not saved via Serialization process. So, if you don't want to save value of a non-static data member then make it transient.
• Constructor Calling: Constructor of object is never called when an object is deserialized. 
• Associated Objects: Associated objects must be implementing Serializable interface.

Example:

class A implements Serializable{
// B also implements Serializable
// interface.
B ob=new B();
}

SerialVersionUID

The Serialization runtime associates a version number with each Serializable class called a SerialVersionUID, which is used during Deserialization to verify that sender and receiver of a serialized object have loaded classes for that object which are compatible with respect to serialization. If the receiver has loaded a class for the object that has different UID than that of corresponding sender's class, the Deserialization will result in an InvalidClassException. 

Syntax:

private static final long serialVersionUID = 3L;

A Serializable class can declare its own UID explicitly by declaring a field name. It must be static, final and of type long. i.e- ANY-ACCESS-MODIFIER static final long serialVersionUID=42L; If a serializable class doesn't explicitly declare a serialVersionUID, then the serialization runtime will calculate a default one for that class based on various aspects of class, as described in Java Object Serialization Specification.

However it is strongly recommended that all serializable classes explicitly declare serialVersionUID value, since its computation is highly sensitive to class details that may vary depending on compiler implementations, any change in class or using different id may affect the serialized data. It is also recommended to use private modifier for UID since it is not useful as inherited member. serialver The serialver is a tool that comes with JDK. It is used to get serialVersionUID number for Java classes. 

Example of Getting SerialVersionUID using Serialver

We can run the following command to get serialVersionUID serialver [-classpath classpath] [-show] [classname...]

Example: Serialization and Deserialization of a Java Object.

import java.io.*;

class Demo implements Serializable {
    public int a;
    public String b;

    public Demo(int a, String b) {
        this.a = a;
        this.b = b;
    }
}

public class Geeks {
    public static void main(String[] args) {
        Demo object = new Demo(1, "geeksforgeeks");
        String filename = "file.ser";

        // Serialization
        try {
            FileOutputStream file = new FileOutputStream(filename);
            ObjectOutputStream out = new ObjectOutputStream(file);
            out.writeObject(object);
            out.close();
            file.close();
            System.out.println("Object has been serialized");

        } catch (IOException ex) {
            System.out.println("IOException is caught");
        }

        Demo object1 = null;

        // Deserialization
        try {
            FileInputStream file = new FileInputStream(filename);
            ObjectInputStream in = new ObjectInputStream(file);
            object1 = (Demo) in.readObject();
            in.close();
            file.close();
            System.out.println("Object has been deserialized");
            System.out.println("a = " + object1.a);
            System.out.println("b = " + object1.b);

        } catch (IOException ex) {
            System.out.println("IOException is caught");
        } catch (ClassNotFoundException ex) {
            System.out.println("ClassNotFoundException is caught");
        }
    }
}

Output:

Example: Serialization with Transient and Static Fields.

import java.io.*;

class Emp implements Serializable {
    private static final long serialVersionUID = 129348938L;
    transient int a;
    static int b;
    String name;
    int age;

    public Emp(String name, int age, int a, int b) {
        this.name = name;
        this.age = age;
        this.a = a;
        this.b = b;
    }
}

public class Geeks{
    public static void printData(Emp object1) {
        System.out.println("name = " + object1.name);
        System.out.println("age = " + object1.age);
        System.out.println("a = " + object1.a);
        System.out.println("b = " + object1.b);
    }

    public static void main(String[] args) {
        Emp object = new Emp("ab", 20, 2, 1000);
        String filename = "shubham.txt";

        // Serialization
        try {
            // Saving of object in a file
            FileOutputStream file = new FileOutputStream(filename);
            ObjectOutputStream out = new ObjectOutputStream(file);
            out.writeObject(object);
            out.close();
            file.close();
            System.out.println("Object has been serialized\nData before Deserialization.");
            printData(object);

            // Change static variable b
            object.b = 2000;

        } catch (IOException ex) {
            System.out.println("IOException is caught");
        }

        object = null;

        // Deserialization
        try {
            // Reading the object from a file
            FileInputStream file = new FileInputStream(filename);
            ObjectInputStream in = new ObjectInputStream(file);
            object = (Emp) in.readObject();
            in.close();
            file.close();
            System.out.println("Object has been deserialized\nData after Deserialization.");
            printData(object);

        } catch (IOException ex) {
            System.out.println("IOException is caught");
        } catch (ClassNotFoundException ex) {
            System.out.println("ClassNotFoundException is caught");
        }
    }
}

Object has been serialized
Data before Deserialization.
name = ab
age = 20
a = 2
b = 1000
Object has been deserialized
Data after Deserialization.
name = ab
age = 20
a = 0
b = 2000

Explanation In the above code while deserializing the object the values of a and b has changed. The reason being a was marked as transient and b was static. 

• In case of transient variables:- A variable defined with transient keyword is not serialized during serialization process.This variable will be initialized with default value during deserialization. (e.g: for objects it is null, for int it is 0). 
• In case of static Variables:- A variable defined with static keyword is not serialized during serialization process.This variable will be loaded with current value defined in the class during deserialization. 

Transient Vs Final

The main difference between Transient and Final is listed below:

• Final variables are serialized by their value directly.
• Declaring a final variable as transient has no use because the compiler replaces final variables with their literal values in the bytecode.

Example:

final int x= 10;
int y = 20;
System.out.println(x);// compiler will replace this as System.out.println(10)->10
because x is final.
System.out.println(y);//20

Example: Demonstration of transient and final behaviour together while serialization.

// Java program for final with transient
import java.io.*;

class Dog implements Serializable{
          int i=10;
          transient final int j=20;
}
class Geeks
{
    public static void main (String[] args)throws 
    IOException, ClassNotFoundException 
    {
          Dog d1=new Dog();
          //Serialization started
          
          System.out.println("serialization started");
          
          FileOutputStream fos= new FileOutputStream("abc.ser");
          ObjectOutputStream oos=new ObjectOutputStream(fos);
          
          oos.writeObject(d1);
          System.out.println("Serialization ended");
      
          //Deserialization started
          System.out.println("Deserialization started");
          FileInputStream fis=new FileInputStream("abc.ser");
          ObjectInputStream ois=new ObjectInputStream(fis);
          Dog d2=(Dog) ois.readObject();
          System.out.println("Deserialization ended");
          System.out.println("Dog object data");
          //final result
          System.out.println(d2.i+"\t" +d2.j);
    }
}

serialization started
Serialization ended
Deserialization started
Deserialization ended
Dog object data
10	20

Serialization vs Deserialization in Java

The main difference between serialization and deserialization is:

• Serialization is the process of converting object to byte stream.
• Deserialization is the process of converting byte stream to object.