Tuesday, May 27, 2008

Externalizable in Java? What is it used for?


Externalizable in Java


It's an interface which subclasses the java.io.Serializable marker interface. This interface contains two methods:

  • void writeExternal(ObjectOutput out)
  • void readExternal(ObjectInput in)


This interface is implemented by a class to handle the responsibility of saving and restoring the contents of its instances to (or from) streams by itself, which it does by implementing the above two methods. Only the identity of the class which implements Externalizable interface is saved in the serialization stream. The control is entirely delegated to the class to handle the saving and restoring all of its contents. It needs to take care of the saving/restoring the state of its super types as well.


Every object which requires to be stored is first tested whether it's Externalizable or not. If yes, then the writeExternal() method is called to do the task of saving of contents otherwise the state of the object is saved using ObjectOutputStream (using writeObject() of this class). If the class is not even Serializable (in case the class doesn't even implement java.io.Serialzable interface) then we get NotSerialzableException. Similarly, an Externalizable instance is restored by first using the public no-argument constructor and then by calling the readExternal() method. If the class is not Externalizable, but it's Serializable then the restore is done by ObjectInputStream (readObject() method of this class).


writeExternal method


This method saves the contents of objects either by calling the methods of the DataOutput interface for primitive data types or by calling the writeObject() method of the ObjectOutput interface for all kind of objects (including arrays). This method throws IOException if it encounters any problem while writing the contents to the output stream.


readExternal method


This method restores the contents of objects either by calling the methods of the DataInput interface for primitive data types or by calling the readObject() method of the ObjectInput interface for all kind of objects (including arrays). This method throws either IOException in case it encounters any I/O error while reading from the input stream OR ClassNotFoundException in case the class for the object being restored is not found.


Read Next: You may like to go through the article - Serializability in Java >>, if you have not already gone through. Proceed next to the article - Security risks with Externalizable interface & its inapplicability >>



Share/Save/Bookmark


4 comments:

Anonymous said...

I read both the posts - on Serializable and on Externalizable. Very well written. Can you please post the differences between the two?

Anonymous said...

One more que: where can not we use Externalizable? I was asked this in my last interview.

Geek said...

Answers posted Manish. Please use the below URLs to go to the answers of both of your questions:-

http://geekexplains.blogspot.com/2008/06/diff-between-externalizable-and.html

http://geekexplains.blogspot.com/2008/06/security-risk-with-externalizable-and.html

Thanks for your contribution. Keep doing that for making this place better and better for all of us.

Anonymous said...

Excellent answers Geek. Thanks!