Externalization in Java

Externalizable is an interface that lets you define custom rules and your own mechanism for serialization. Before looking at the Externalizable interface, you need to have an idea of how serialization works. Java serialization provides default functionality to store and later recreate an object. It uses a complex algorithm to define the whole object to be stored. In serialization, the JVM (Java Virtual Machine) is totally responsible for the whole process of writing and reading objects. This is useful in most cases, as developers do not have to care about the underlying details of the serialization process: by default, all instance variables except static and transient variables undergo serialization.

However, default serialization does not protect sensitive information such as passwords and credentials. What if developers want to secure some information during the serialization process? The Externalizable interface was not actually provided to optimize serialization performance, but to provide a means of implementing your own custom processing and to offer complete control over the format and contents of the stream for an object and its supertypes. Externalization thus gives programmers full control over reading and writing objects during serialization. As the name suggests, it is externalizing your serialization. It uses a custom-written mechanism to perform marshalling and unmarshalling of objects. The Externalizable interface extends the Serializable interface. If you implement this interface, you need to override the following methods.

writeExternal(ObjectOutput out)

An object must implement this method in order to store its state. For primitive types, the methods of the ObjectOutput interface are called, while for objects, strings and arrays, the writeObject method is sufficient.

readExternal(ObjectInput in)

An object implements this method in order to restore its state. The readExternal method must read all values, along with their types, in the same sequence and format as they were written by the writeExternal method.

Example

    import java.io.*;

    public class TestClass implements Externalizable {

        @Override
        public void writeExternal(ObjectOutput out) throws IOException {
            // implement your own code to write objects of this class
        }

        @Override
        public void readExternal(ObjectInput in) throws IOException, ClassNotFoundException {
            // implement your own code to read serialized objects of this class
        }
    }
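A fuller version of the skeleton above, added here as an illustration and not part of the original article: it keeps a password out of the stream, reads fields back in the order they were written, and rejects out-of-range values. The class name UserAccount, its fields, the version byte and the sample values are all hypothetical.

```java
import java.io.*;
import java.nio.charset.StandardCharsets;
// Hypothetical class for illustration; names and sample values are constructed.
public class UserAccount implements Externalizable {
    private static final byte FORMAT_VERSION = 1;
    private String username;
    private int loginCount;
    private char[] password;   // sensitive: never written to the stream

    // Externalizable requires a public no-arg constructor for deserialization.
    public UserAccount() { }

    public UserAccount(String username, int loginCount, char[] password) {
        this.username = username;
        this.loginCount = loginCount;
        this.password = password;
    }

    @Override
    public void writeExternal(ObjectOutput out) throws IOException {
        out.writeByte(FORMAT_VERSION);
        out.writeUTF(username);
        out.writeInt(loginCount);
        // password is deliberately omitted
    }

    @Override
    public void readExternal(ObjectInput in) throws IOException {
        // Read in exactly the order writeExternal wrote, and validate each value.
        if (in.readByte() != FORMAT_VERSION) throw new InvalidObjectException("unknown format version");
        username = in.readUTF();
        loginCount = in.readInt();
        if (loginCount < 0) throw new InvalidObjectException("negative loginCount");
    }

    public static void main(String[] args) throws Exception {
        UserAccount original = new UserAccount("alice", 3, "s3cret-Pa55".toCharArray());
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(buf)) {
            oos.writeObject(original);
        }
        // Check that the password text does not appear in the serialized bytes.
        String raw = new String(buf.toByteArray(), StandardCharsets.ISO_8859_1);
        System.out.println("stream contains password: " + raw.contains("s3cret-Pa55"));
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            UserAccount copy = (UserAccount) ois.readObject();
            System.out.println(copy.username + " " + copy.loginCount + " password=" + (copy.password == null ? "null" : "set"));
        }
    }
}
```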
In older versions of Java, reflection was very slow, and so serializing large object graphs posed a bit of a performance problem. In order to handle this situation, the java.io.Externalizable interface was provided, which is like java.io.Serializable but with custom-written mechanisms to perform the marshalling and unmarshalling functions. In recent versions of Java the performance of reflection is vastly better than it used to be, and so this is much less of a problem. So, externalization is used in the rare cases where you really want to store and rebuild your object in a completely different way, without using the default serialization mechanisms for data fields.