La serializzazione viene utilizzata per la persistenza in Java. Potrebbe essere ok per mantenere alcuni oggetti usando la serializzazione. Ma, per un gran numero di oggetti, ORM, Database ecc potrebbe essere migliore. Sembra che la serializzazione sia utile solo per piccoli lavori. Potrebbe essere che ho torto. Quindi, per favore dimmelo quali sono i vantaggi della serializzazione rispetto ai metodi di non serializzazione? Quando dovrebbe essere usato e quando dovrebbe essere evitato?
Questa domanda mi è venuta in mente dopo aver visto l'articolo di DZone Object Serialization Evil?
E queste sono le linee che hanno dato origine alla mia domanda:
If you look at Java and its session objects, pure object serialization is used. Assuming that an application session is fairly short-lived, meaning at most a few hours, object serialization is simple, well supported and built into the Java concept of a session. However, when the data persistence is over a longer period of time, possibly days or weeks, and you have to worry about new releases of the application, serialization quickly becomes evil. As any good Java developer knows, if you plan to serialize an object, even in a session, you need a real serialization ID (serialVersionUID), not just a 1L, and you need to implement the Serializable interface. However, most developers do not know the real rules behind the Java deserialization process. If your object has changed, more than just adding simple fields to the object, it is possible that Java cannot deserialize the object correctly even if the serialization ID has not changed. Suddenly, you cannot retrieve your data any longer, which is inherently bad.
Now, may developers reading this may say that they would never write code that would have this problem. That may be true, but what about a library that you use or some other developer no longer employed by your company? Can you guarantee that this problem will never happen? The only way to guarantee that is to use a different serialization method.