What is object serialization?

Serialization is the conversion of an object to a series of bytes, so that the object can be easily saved to persistent storage or streamed across a communication link. The byte stream can then be deserialized - converted into a replica of the original object.

You can think of serialization as the process of converting an object instance into a sequence of bytes (which may be binary or not depending on the implementation).

It is very useful when you want to transmit one object data across the network, for instance from one JVM to another.

In Java, the serialization mechanism is built into the platform, but you need to implement the Serializable interface to make an object serializable.

You can also prevent some data in your object from being serialized by marking the attribute as transient.

Finally you can override the default mechanism, and provide your own; this may be suitable in some special cases. To do this, you use one of the hidden features in java.

It is important to notice that what gets serialized is the "value" of the object, or the contents, and not the class definition. Thus methods are not serialized.

Here is a very basic sample with comments to facilitate its reading:

import java.io.*;import java.util.*;// This class implements "Serializable" to let the system know// it's ok to do it. You as programmer are aware of that.public class SerializationSample implements Serializable {    // These attributes conform the "value" of the object.    // These two will be serialized;    private String aString = "The value of that string";    private int    someInteger = 0;    // But this won't since it is marked as transient.    private transient List<File> unInterestingLongLongList;    // Main method to test.    public static void main( String [] args ) throws IOException  {         // Create a sample object, that contains the default values.        SerializationSample instance = new SerializationSample();        // The "ObjectOutputStream" class has the default         // definition to serialize an object.        ObjectOutputStream oos = new ObjectOutputStream(                                // By using "FileOutputStream" we will                                // Write it to a File in the file system                               // It could have been a Socket to another                                // machine, a database, an in memory array, etc.                               new FileOutputStream(new File("o.ser")));        // do the magic          oos.writeObject( instance );        // close the writing.        oos.close();    }}

When we run this program, the file "o.ser" is created and we can see what happened behind.

If we change the value of: someInteger to, for example Integer.MAX_VALUE, we may compare the output to see what the difference is.

Here's a screenshot showing precisely that difference:

_{Can you spot the differences? ;)}

There is an additional relevant field in Java serialization: The serialversionUID but I guess this is already too long to cover it.

Daring to answer the 6-year-old question, adding just a very high-level understanding for people new to Java

What is Serialization?

Converting an object to bytes

What is Deserialization?

Converting bytes back to an object (Deserialization).

When is serialization used?

When we want to Persist the Object.When we want the object to exist beyond the lifetime of the JVM.

Real World Example:

ATM: When the account holder tries to withdraw money from the server through ATM, the account holder information like withdrawal details will be serialized and sent to the server where the details are deserialized and used to perform operations.

How serialization is performed in java.

1. Implement java.io.Serializable interface (marker interface so no method to implement).

2. Persist the object: Use java.io.ObjectOutputStream class, a filter stream which is a wrapper around a lower-level byte stream (to write Object to file systems or transfer a flattened object across a network wire and rebuilt on the other side).

• writeObject(<<instance>>) - to write an object
• readObject() - to read an serialized Object

Remember:

When you serialize an object, only the object's state will be saved, not the object's class file or methods.

When you serialized a 2-byte object, you see 51 bytes serialized file.

Steps how the object is serialized and de-serialized.

Answer for: How did it convert to 51 bytes file?

• First writes the serialization stream magic data (STREAM_MAGIC= "AC ED" and STREAM_VERSION=version of the JVM).
• Then it writes out the metadata of the class associated with an instance (length of the class, the name of the class, serialVersionUID).
• Then it recursively writes out the metadata of the superclass until it finds java.lang.Object.
• Then starts with the actual data associated with the instance.
• Finally writes the data of objects associated with the instance starting from metadata to the actual content.

Edit : Reference link to read.

This will answer a few frequent questions:

1. How not to serialize any field in the class.
   Ans: use transient keyword

2. When child class is serialized does parent class get serialized?
   Ans: No, If a parent is not extending the Serializable interface parents field don't get serialized.

3. When a parent is serialized does child class get serialized?
   Ans: Yes, by default child class also gets serialized.

4. How to avoid child class from getting serialized?
   Ans: a. Override writeObject and readObject method and throw NotSerializableException.
   

   b. also you can mark all fields transient in child class.

5. Some system-level classes such as Thread, OutputStream, and its subclasses, and Socket are not serializable.