While coding with Spring , I always see the most developers implements the Serializable interface . So , I want the reason why to work with this implementation in all decalaration of classes . Thank you !
Asked
Active
Viewed 101 times
0
-
Does this link: [Spring MVC - should my domain classes implement Serializable?](https://stackoverflow.com/questions/38457074/spring-mvc-should-my-domain-classes-implement-serializable-for-over-the-wire-t) answer your question? – Nowhere Man Jun 18 '20 at 15:20
1 Answers
2
Serialization is not a Spring-specific feature. You use serialization to transfer objects over the wire or store in the filesystem.
But according to effective java, serialization is dangerous and should not be used at all costs due to security holes. Another disadvantage to serialization is when you release a new version of your class to the public you'll need to make sure to support the old deserialized class.
Moral of the story: Don't ever use serialization in your code. For more info read chapter 12 of effective java book.
Hamza Belmellouki
- 2,516
- 1
- 18
- 39
-
This answer seems to be a perfect proof that the question itself attracts opinions. As any powerfool tool, serialization has its advantages and disadvantages, and it's being widely used in lots of libraries and technologies. As Brian Goetz states in [his exploratory article](https://cr.openjdk.java.net/~briangoetz/amber/serialization.html): _To be clear, there's nothing wrong with the **concept** of serialization; the ability to convert an object into a form that can be easily transported across JVMs and reconstituted on the other side is a perfectly reasonable idea.._ despite all its sins – Nowhere Man Jun 18 '20 at 23:04