Differencebetween Serializable and Externalizable in Java

How does Externalizable differ from Serializable?

Difference between Externalizable and Serializable

1. In case of Serializable, default serialization process is used. while in case of Externalizable custom Serialization process is used which is implemented by application.
2. JVM gives call back to readExternel() and writeExternal() of java.io.Externalizalbe interface for restoring and writing objects into persistence.
3. Externalizable interface provides complete control of serialization process to application.
4. readExternal() and writeExternal() supersede any specific implementation of writeObject and readObject methods.

Though Externalizable provides complete control, it also presents challenges to serialize super type state and take care of default values in case of transient variable and static variables in Java. If used correctly Externalizable interface can improve performance of serialization process.

So go for Externalizable interface

When you have special requirements for the serialization of an object. For example, you may have some security-sensitive parts of the object, like passwords, which you do not want to keep and transfer somewhere. Or, it may be worthless to save a particular object referenced from the main object because its value will become worthless after restoring.

Serializable and Externalizable. Difference of constructor invocation while deserialization

Yes, In byte code you can create an instance of a object and call any constructor in the hierarchy. In truth, a constructor is a special method and it is even call it more than once.

Many deserializers just use Unsafe.allocateInstance() and don't call any constructors. This is done to minimise side effects when deserializing.

Related Topics