Serialization and Deserialization in Java

Last Updated: 11 October, 2023

Serialization is the process of converting an object into a sequence of bytes that can be persisted to a disk or database or sent through streams over the network.

The reverse process of creating objects from a sequence of bytes is called deserialization.

The entire process of serialization and deserialization is platform-independent, which means we can serialize an object on one platform and deserialize it on another platform (platform means any operation system or hardware).

The process of Java's Serialization-Deserialization is simply depicted in the image given below.

In order to achieve serialization in Java, we must implement java.io.Serializable interface with class Serializable is a marker interface that adds serializable behavior to the class implementing it. For serializing the object,

We call the writeObject() method of java.io.ObjectOutputStream class serializes an object and sends it to the output stream.

Method Declaration Syntax:

public final void writeObject(object x) throws IOException

To perform deserialization, we call the readObject() method of the java.io.ObjectInputStream class.

Method Declaration Syntax:

public final Object readObject() throws IOException, ClassNotFoundException

The need for serialization in Java:

If we need to send an object over the network.

If we want to persist the state of an object in a file, database, or storage device.

Serializable Interface in Java

Serializable is an interface in Java; it's present in the java.io package. Serilizable is a marker interface, which means this interface does not have any methods or fields. Thus, classes implementing it do not have to implement any methods.

The serializable interface is used to serialize (Object -> Byte Stream) or deserialize (Byte Strema -> Object) objects in Java. Serialization is done using java.io.ObjectOutputStream, and deserialization is done using java.io.ObjectInputStream.

All the collection framework classes, String class, and all the wrapper classes implement the java.io.Serializable interface by default.

Java serialVersionUID

In serialization, the Java runtime associates a version number with each serializable class. This number is called serialVersionUID, which is used during deserialization to verify that the sender and receiver of a serialized object have loaded classes for that object that are compatible with respect to serialization. If the receiver has loaded a class for the object that has a different serialVersionUID than that of the corresponding sender’s class, then deserialization will result in an InvalidClassException.

A serializable class can declare its own serialVersionUID explicitly by declaring a field named serialVersionUID that must be static, final, and of type long.

serialVersionUID Example:

private static final long serialVersionUID = 2L;

If a serializable class does not explicitly declare a serialVersionUID, then the serialization runtime will calculate a default serialVersionUID value for that class based on various aspects of the class.

Here is a simple example of serialization and deserialization in Java:

Example 1 : Serialization and Deserialization in Java

import java.io.*; class Employee implements java.io.Serializable { private static final long serialVersionUID = 1L; // Instance Variables Integer emp_id; String emp_name; String emp_adddress; // Setter-Getter methods } public class SerializationExample { public static void main(String[] args) { // Object Serialization serializationObject(); // Object DeSerialization deSerializationObject(); } // Method for Object Serialization private static void serializationObject() { try { Employee empObject = new Employee(); empObject.setEmp_id(1001); empObject.setEmp_name("John"); empObject.setEmp_adddress("Bangalore"); FileOutputStream fileOutputStream = new FileOutputStream("C:\\employeeRecord.ser"); ObjectOutputStream objOutputStream = new ObjectOutputStream(fileOutputStream); objOutputStream.writeObject(empObject); objOutputStream.close(); fileOutputStream.close(); System.out.println("Serialization Done Successfully..."); } catch (IOException e) { e.printStackTrace(); } } // Method for Object DeSerialization private static void deSerializationObject() { try { FileInputStream fileInputStream = new FileInputStream("C:\\employeeRecord.ser"); ObjectInputStream objInputStream = new ObjectInputStream(fileInputStream); Employee employee = (Employee) objInputStream.readObject(); System.out.println("De-Serialization Done Successfully..."); // Printing DeSerialized Object value System.out.println("Employee ID : " + employee.getEmp_id()); System.out.println("Employee Name : " + employee.getEmp_name()); System.out.println("Employee Address : " + employee.getEmp_adddress()); } catch (ClassNotFoundException | IOException e) { e.printStackTrace(); } } }

Output

Serialization Done Successfully...
De-Serialization Done Successfully...
Employee ID : 1001
Employee Name : John
Employee Address : Bangalore

Example 2 : Serializable and Deserialization with 'transient' Variables

import java.io.*; class Student implements java.io.Serializable { private static final long serialVersionUID = 1L; // Instance Variables String name; Integer age; // Transient Variables transient String city; transient Integer pin; public Student(String name, Integer age, String city, Integer pin) { this.name = name; this.age = age; this.city = city; this.pin = pin; } // Getter-Setter Methods } public class SerializationWithTransient { public static void main(String[] args) { // Object Serialization serializationObject(); // Object DeSerialization deSerializationObject(); } // Method for Object Serialization private static void serializationObject() { try { Student student = new Student("Kangana", 30, "Bengaluru", 560010); FileOutputStream fileOutputStream = new FileOutputStream("C:\\studentRecord.ser"); ObjectOutputStream objOutputStream = new ObjectOutputStream(fileOutputStream); objOutputStream.writeObject(student); objOutputStream.close(); fileOutputStream.close(); System.out.println("Serialization Done Successfully..."); } catch (IOException e) { e.printStackTrace(); } } // Method for Object DeSerialization private static void deSerializationObject() { try { FileInputStream fileInputStream = new FileInputStream("C:\\studentRecord.ser"); ObjectInputStream objInputStream = new ObjectInputStream(fileInputStream); Student stuObj = (Student) objInputStream.readObject(); System.out.println("De-Serialization Done Successfully..."); // Printing DeSerialized Object value System.out.println("Name : " + stuObj.getName()); System.out.println("Age : " + stuObj.getAge()); System.out.println("City : " + stuObj.getCity()); System.out.println("Pin : " + stuObj.getPin()); } catch (ClassNotFoundException | IOException e) { e.printStackTrace(); } } }

Output

Serialization Done Successfully...
De-Serialization Done Successfully...
Name : Kangana
Age : 30
City : null
Pin : null

Example 3 : Serializable and Deserialization with 'static' Variables

import java.io.*; class Person implements java.io.Serializable { private static final long serialVersionUID = 1L; // Instance Variables String name; Integer age; // Static Variables static String city; static Integer pin; public Person(String name, Integer age) { this.name = name; this.age = age; } // Getter-Setter Methods } public class SerializationWithStatic { public static void main(String[] args) { // Object Serialization serializationObject(); // Object DeSerialization deSerializationObject(); } // Method for Object Serialization private static void serializationObject() { try { Person person = new Person("Karthik", 25); Person.city = "Bengaluru"; Person.pin = 560056; FileOutputStream fileOutputStream = new FileOutputStream("C:\\personRecord.ser"); ObjectOutputStream objOutputStream = new ObjectOutputStream(fileOutputStream); objOutputStream.writeObject(person); objOutputStream.close(); fileOutputStream.close(); System.out.println("Serialization Done Successfully..."); } catch (IOException e) { e.printStackTrace(); } } // Method for Object DeSerialization private static void deSerializationObject() { try { FileInputStream fileInputStream = new FileInputStream("C:\\personRecord.ser"); ObjectInputStream objInputStream = new ObjectInputStream(fileInputStream); Person personObj = (Person) objInputStream.readObject(); System.out.println("De-Serialization Done Successfully..."); // Printing DeSerialized Object value System.out.println("Name : " + personObj.getName()); System.out.println("Age : " + personObj.getAge()); System.out.println("City : " + personObj.getCity()); System.out.println("Pin : " + personObj.getPin()); } catch (ClassNotFoundException | IOException e) { e.printStackTrace(); } } }

Output

Serialization Done Successfully...
De-Serialization Done Successfully...
Name : Karthik
Age : 25
City : Bengaluru
Pin : 560056

Important Points about Serialization and Deserialization

1. While serializing, if we do not want any field to be part of the object state, we can declare it either static or transient based on our needs, and it will not be included during the Java serialization process.

2. Most impressive is that the entire process is JVM independent, meaning an object can be serialized on one platform and deserialized on an entirely different platform.

3. When serializing an object to a file, the standard convention in Java is to give the file a .ser extension.

4. The process of serializing an object is also called deflating or marshalling an object. The opposite operation, extracting a data structure from a series of bytes, is deserialization (which is also called inflating or unmarshalling).

5. If Serializable interface is not implemented by the class, then writing that class object into a file will lead to a NoSerializableException.