Serialization is the process of converting an object into a stream of bytes. We generally perform serialization for persisting an object and saving a state of an object. The persisted location can be a file or a database. In .NET Framework when an object is serialized it not only persists the data, but also persists some metadata. If an object is serialized it also persists its Type information, Assembly information, etc. De-serialization is the reverse process of serialization, where a serialized object is again made to be an active object.

In this article we will discuss different types of serializations with code snippets wherever necessary. A web service is completely based on the XML serialization and SOAP. We will discuss more about the XML serialization in detail.

A .NET object can be serialized with different types of encodings. Let us discuss some of the serializations in detail.

·         Binary Serialization – The encoding used for this type of serialization is binary encoding. Using this serialization when an object is serialized, all the public and private fields are serialized. This means that the exact binary copy of the object is replicated. This brings about the concept of cloning an object (using binary serialization we can clone an object). One of the major advantages of Binary Serialization is the performance. The serialization and de-serialization cost would be minimal. However, binary serialization is not easily portable especially with cross platforms.

·         XML Serialization – XML Serialization serializes only the public properties and does not bother the private variables. It is to be noted that the type fidelity is also not preserved. When using XML serialization we cannot guarantee the original state of the objects. The primary purpose of the XML serialization would be conversion of XML documents into .NET objects and .NET objects into XML documents. In spite of having many issues with XML serialization, the main reason it is used is because of its support over cross platforms. In .NET 2.0, the XmlSerializer class takes care of the serialization. It has 2 methods, Serialize and DeSerialize, for serializing and de-serializing.

·         SOAP Serialization – SOAP serialization is a special form of XML serialization, but conforms to the SOAP specification. SOAP is a protocol based on XML designed for transporting method calls over the web. The .NET Framework supports the serialization that conforms to the SOAP standards. We can use the XmlSerializer class that can serialize classes in SOAP standards. SOAP is an example of custom serialization. We will see more about basic and custom serialization in the next sections.

·         Designer Serialization – Designer serialization is a special form of serialization which involves object persistence usually associated with development tools. Designer serialization is generally used in cases of displaying graphs, designer tools, etc. The designer shown in Visual studio is a type pf designer serialization. The emphasis on the designer serialization will be on the object's exact state with respect to other objects visually. It will always help if the designer serialization format is in a human readable format.

Let us see some of the classes, attributes and interfaces used in serialization.

·         SerializableAttribute – Any class that can be serialized should be marked as a "Serializable" attribute. Generally, all the business objects or Data Transfer Objects (DTO) are marked as serializable.

·         NonSerializedAttribute – If a class is marked as Serializable then all the properties can be serialized. For example, if we have a User object that has properties like user name, password [not in encrypted format], role of the user, etc. then such kinds of crucial information can be leaked out if serialized. We have the NonSerializable attribute that helps us in marking a property as not serializable.

·         *ISerializable interface – By implementing this interface it allows the object to control its own serialization and deserialization. This feature is new in .NET 3.0. ISerializable interface has a void method called GetObjectData. Method GetObjectData takes two parameters SerializationInfo and StreamingContext. Let us see how can we implement this method while using the serialization.

Listing 1

[SecurityPermissionAttribute(SecurityAction.LinkDemand, 
Flags=SecurityPermissionFlag.SerializationFormatter)] void 
ISerializable.GetObjectData( SerializationInfo info, StreamingContext context) 
{ 
// Instead of serializing this object, 
// serialize a SingletonSerializationHelp instead. 
// info.SetType(typeof(MySerializationHelper)); 
// No other values need to be added. 
}

Listing 1 shows the implementation of method GetObjectData. As we can see from the listing, the SerializationInfo object is set to MySerializationHelper. The class MySerializationHelper implements an interface IObjectReference. Listing 2 shows the same.

Listing 2

[Serializable] 
internal sealed class MyClassSerializationHelper : IObjectReference 
{ 
//This object has no fields (although it could). 
//GetRealObject is called after this object is deserialized. 
public Object GetRealObject(StreamingContext context) 
{ 
// When deserialiing this object, return a reference to 
// the Singleton object instead.
return MyClass.GetObject(); 
} 
}

Understanding System.Runtime.Serialization namespace

This is a new namespace that has been added in .NET Framework 3.0. It has rich functionality with classes that are used for serializing and deserializing objects. Let us see some of the new classes that are added in this namespace.

Using basic serialization we can have an attribute "Serializable" at the class level. Using basic serialization, it is up to the .NET Framework to take care of the serialization and de-serialization. But the problem with this type of serialization is that we cannot have control over the serialization algorithm. Another major issue with basic serialization is that we have versioning issues like "System.Runtime.Serialization.SerializationException" Possible Version mismatch. But basic serialization is the easiest way for serialization.

On other hand custom serialization gives us more control. As we have seen in listing 1 and 2, we can implement the interface ISerializable which gives us more control over the serialization algorithm. We can also avoid the serialization exceptions with the custom serialization. Apart from these, we have 4 attributes when applied to methods they are called in the process of serialization. Let us see each one of them in detail.

·         OnDeserializedAttribute – This attribute when put on a method, the method gets fired when the de-serialization is completely done.

·         OnDeserializingAttribute – When applied on a method this method is called during de-serialization of an object.

·         OnSerializedAttribute – When applied on a method this method gets fired after the serialization process takes place.

·         OnSerializingAttribute – When applied on a method this is fired during the serialization process.

We can get maximum control over serialization and deserialization process using the attributes.

Designer Serialization Overview

Serialization is the process of converting an object into a stream of bytes. In this article we have seen different types of serializations possible with .NET Framework. We have discussed basic serialization versus custom serialization and also the main namespace (System.Runtime.Serialization) used for serialization.