CONTENTS | PREV | NEXT | Java Object Serialization Specification |
For Externalizable objects only the identity of class of the object is saved by the container and it is the responsibility of the class to save and restore the contents. The interfaceExternalizable
is defined as:package java.io; public interface Externalizable extends Serializable { public void writeExternal(ObjectOutput out) throws IOException; public void readExternal(ObjectInput in) throws IOException, java.lang.ClassNotFoundException; }An externalizable object must do the following:
- Implement the
java.io.Externalizable
interface.- Implement a
writeExternal
method to save the state of the object. It must explicitly coordinate with its supertype to save its state.- Implement a
readExternal
method to read the data written by thewriteExternal
method from the stream and restore the state of the object. It must explicitly coordinate with the supertype to save its state.- Have the
writeExternal
andreadExternal
methods be solely responsible for the format, if an externally defined format is written.- Have a public no-arg constructor.
Note - ThewriteExternal
andreadExternal
methods are public and raise the risk that a client may be able to write or read information in the object other than by using its methods and fields. These methods must be used only when the information held by the object is not sensitive or when exposing it would not present a security risk.