Customized Serialization and Deserialization In Java
Last Updated :
12 Jul, 2018
Serialization is a mechanism of converting the state of an object into a byte stream. Deserialization is the reverse process where the byte stream is used to recreate the actual Java object in memory. This mechanism is used to persist the object.
Why is custom serialization needed?
During serialization, there may be data loss if we use the ‘transient’ keyword. ‘Transient’ keyword is used on the variables which we don’t want to serialize. But sometimes, it is needed to serialize them in a different manner than the default serialization (such as encrypting before serializing etc.), in that case, we have to use custom serialization and deserialization.
Below program illustrates the above situation of data loss:
import java.io.*;
class GfgAccount implements Serializable {
String username = "gfg_admin" ;
transient String pwd = "geeks" ;
}
class CustomizedSerializationDemo {
public static void main(String[] args) throws Exception
{
GfgAccount gfg_g1 = new GfgAccount();
System.out.println( "Username : " + gfg_g1.username +
" Password : " + gfg_g1.pwd);
FileOutputStream fos = new FileOutputStream( "abc.ser" );
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(gfg_g1);
FileInputStream fis = new FileInputStream( "abc.ser" );
ObjectInputStream ois = new ObjectInputStream(fis);
GfgAccount gfg_g2 = (GfgAccount)ois.readObject();
System.out.println( "Username : " + gfg_g2.username +
" Password : " + gfg_g2.pwd);
}
}
|
Output:
Username : gfg_admin Password : geeks
Username : gfg_admin Password : null
In the above image example, before serialization, Account object can provide proper username and password but deserialization of Account object provides only username and not the password. This is due to declaring password variable as transient.
Hence during default serialization, there may be a chance of loss of information because of the transient keyword. To recover this loss, we will have to use Customized Serialization.
Customized serialization can be implemented using the following two methods:
- private void writeObject(ObjectOutputStream oos) throws Exception
: This method will be executed automatically by the jvm(also known as Callback Methods) at the time of serialization. Hence to perform any activity during serialization, it must be defined only in this method.
- private void readObject(ObjectInputStream ois) throws Exception: This method will be executed automatically by the jvm(also known as Callback Methods) at the time of deserialization. Hence to perform any activity during deserialization, it must be defined only in this method.
Note: While performing object serialization, we have to define the above two methods in that class.
import java.io.*;
class GfgAccount implements Serializable {
String username = "gfg_admin" ;
transient String pwd = "geeks" ;
private void writeObject(ObjectOutputStream oos) throws Exception
{
oos.defaultWriteObject();
String epwd = "123" + pwd;
oos.writeObject(epwd);
}
private void readObject(ObjectInputStream ois) throws Exception
{
ois.defaultReadObject();
String epwd = (String)ois.readObject();
pwd = epwd.substring( 3 );
}
}
class CustomizedSerializationDemo {
public static void main(String[] args) throws Exception
{
GfgAccount gfg_g1 = new GfgAccount();
System.out.println( "Username :" + gfg_g1.username +
" Password :" + gfg_g1.pwd);
FileOutputStream fos = new FileOutputStream( "abc.ser" );
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(gfg_g1);
FileInputStream fis = new FileInputStream( "abc.ser" );
ObjectInputStream ois = new ObjectInputStream(fis);
GfgAccount gfg_g2 = (GfgAccount)ois.readObject();
System.out.println( "Username :" + gfg_g2.username +
" Password :" + gfg_g2.pwd);
}
}
|
Output:
Username :gfg_admin Password :geeks
Username :gfg_admin Password :geeks
Like Article
Suggest improvement
Share your thoughts in the comments
Please Login to comment...