1

Out of the many things that we did to fix the issue of sticky session one was to make the session attributes implement the serializable interface. Now could someone explain it to me in layman terms what happens when this interface is implemented? what behavioural changes are observed in a class which implements this interface?

Shivayan
  • 127
  • 1
  • 2
  • 12
  • The `Serializable` interface is merely a marker interface. From the perspective of the application server and sticky sessions, one should mark session attributes as Serializable for replication and clustering. – Kon Jun 11 '14 at 05:02
  • 1
    @Manish don't think so.. i have actually mentioned a practical scenario. – Shivayan Jun 11 '14 at 05:12

3 Answers3

2

Web server needs to keep session data across multiple requests. In cluster environment, these requests may be served by different web servers, which share the same session data. When session data is updated in one web server, the updated session data needs to be replicated across other web servers. To do this, we need to convert the session data into something that can be sent over the network. This conversion is called serialization. The reverse process is called deserialization.

When we declare a class as implement Serializable, we need to guarantee that the class can be serialized and deserialized safely. If the session data implements Serializable, web server can safely serialize and deserialize the session data. The web server will not attempt to serialize and deserialize session data that does not implement Serializable, because there is no guarantee that the class can be serialized and deserialized safely.

The key here is that if your class implements Serializable, you need to make sure that it can be serialized and deserialized safely. For example, this class

class MyClass {
  private Runtime runtime = Runtime.getRuntime();
}

cannot be serialized safely, because we cannot serialize the "runtime" of one web server, and send it to other web servers. You can read http://docs.oracle.com/javase/6/docs/api/java/io/Serializable.html for more details on Java serialization.

fajarkoe
  • 1,483
  • 9
  • 10
1

It is a best practice to make session data serializable. This allows the servlet container to either store the contents of a session on disk, or to transfer session contents over the network to another server.

In the case of a restart, the web container may attempt to implement a "failover" strategy by attempting to serialize all data stored in session scope, in order to recover the data after the restart has completed - this will work only if such data implements Serializable.

A previous JSF post also explains the same JSF backing bean should be serializable?

Community
  • 1
  • 1
AurA
  • 11,535
  • 7
  • 46
  • 62
0

An instance of a Serializable class can be serialized using Java standard serialization mechanizm, that is written to a stream with java.io.ObjectOutputStream.writeObject and later read with java.io.ObjectInputStream.readObject

Evgeniy Dorofeev
  • 124,221
  • 27
  • 187
  • 258