Do I still need to implement Serializable when using Hibernate?

Puplip · February 26, 2018, 12:08pm

Do I still need to implement Serializable?
What are the reasons for doing so in Hibernate?
If I do so, how can it be exploited?

vlad · February 26, 2018, 12:12pm

Do I still need to implement Serializable?

For entities, no. It’s not needed by Hibernate.

Only for Embeddable Types you might want to implement Serializable, especially if they are used as @EmbeddedId.

What are the reasons for doing so in Hibernate?

Because the id might be used as a key in the 2nd-level cache entries.

If I do so, how can it be exploited?

An exploit is related to security and I’m not sure how Serializable might impact security. Try to elaborate.

Topic		Replies	Views
Do I have to use Serializable for JPA and Hibernate entities? Hibernate ORM	4	19340	August 24, 2024
Updated Interceptor API in Hibernate 6 Hibernate ORM	3	767	January 5, 2023
Composite key internal implementation Hibernate ORM	1	12	November 19, 2024
Auto generated ids with composite keys will ever be supported? Hibernate ORM	2	228	July 17, 2023
Can you map embedable classes to an SqlType when implementing UserType Hibernate ORM	0	435	May 9, 2019