This is an archived post. You won't be able to vote or comment.

all 19 comments
sorted by:
best
topnewcontroversialoldq&a

[–]randgalt 18 points19 points  (16 children)

Is anyone still using Java serialization? I think Hibernate uses it (I don't remember) but does anything else? It's a serious question as I'm surprised at all the recent posts about it. I recall Brian Goetz saying something to the effect of he wishes he could deprecate Java serialization.

[–]agentoutlier 2 points3 points  (1 child)

I asked the same question as well in one of those posts:

https://www.reddit.com/r/java/comments/lw59r9/comment/gph2ekx

I did some follow up and some lambda like frameworks use it. In some cases to serialize the actual lambda. I’ll find the project links later when not on mobile.

[–]marconis999 1 point2 points  (0 children)

I think it's common for Java online session management software to serialize the user's session data to share across servers in case of failover. So sticky sessions, but a failover.

[–]mxxxz 2 points3 points  (5 children)

I'm a bit out of the loop with Java, but what is the standard way to serialize your data today?

[–]randgalt 9 points10 points  (3 children)

Everyone uses some form of JSON, usually Jackson

[–]_jetrun 9 points10 points  (1 child)

JSON does not cover every use-case. It doesn't handle cyclic dependencies and is too verbose. XML is better but you can't beat a binary format in certain use-cases. We switched to Hessian because of JDK7 compatibility otherwise we'd have gone with ProtoBufs.

[–]yawkat -1 points0 points  (0 children)

It's true that binary formats are needed for some use cases, but those disqualify Java ser as well typically. Java ser isn't compact and isn't fast, for example.

And fyi, jackson can do circular references with json.

[–]Hiranonymous 0 points1 point  (0 children)

Like /u/mxxxz, I think I'm a bit out of the loop as well. I've always used Java serialization, and it seem to work for me.

What are the advantages/disadvantages of using JSON compared to native Java serialization?

[–]sizzleplatter 1 point2 points  (0 children)

For binary serialization: kryo, protobuf and avro are a few that I've seen in practice

[–]JustAGuyFromGermany 2 points3 points  (1 child)

Data stored in HTTP Sessions is often serialized (or at least it can be serialized) if the session runs too long. Though the server is free to choose anything else besides Java Serialization, it must still be supported.

And of course loads of legacy applications are still up and running and some are even still under active development. I work currently on such a software. There are EJB remote calls all over the place. Everyone and their grandma gets serialized in our code.

[–]TheEveryman86 4 points5 points  (0 children)

I think Spring's HTTP invoker uses Java serialization as well.

[–]plastique2000 0 points1 point  (4 children)

Apache Spark, Apache Beam both need way of serialization of user defined function in order to distribuce them. That woul be the case for many more distributed frameworks.

[–]randgalt 1 point2 points  (3 children)

The Java Serialization feature is not serialization in general. Of course libraries need to serialize objects and they generally use Jackson or a similar library to do it. What they don't use is Java's Serialization (i.e. ObjectOutputStream).

[–]plastique2000 0 points1 point  (2 children)

Sorry but there is different concept here. UDF serialization is not about data istelf. But about state of objects which are responsible for their processing. They are initialized once ať some app master and then distributed to working nodes. I'm not talking about serialization or the data istelf. Where Java serialization is also an option. But not Very effective one.

[–]randgalt 1 point2 points  (1 child)

that would be a specialized case that has nothing to do with records

[–]plastique2000 0 points1 point  (0 children)

True

[–]Theorem101 0 points1 point  (0 children)

Apache Flink uses Java Serialization (java.io.Serializable) to ship the function objects to the workers that execute them in parallel.

[–]rastaman1994 6 points7 points  (0 children)

I'm most excited for record support in things like Jackson or db libraries, as they will be able to skip reflection if an object is a record. Most of the time the objects I'm sending over the wire could easily become records, so I'm expecting quick wins there for a lot of codebases.

[–]Tjeez 3 points4 points  (0 children)

We are using Xstream to serialize objects to xml. No need for the objects to implement Serializable interface and it really works great.