Rule Definition
When an entity bean instance is to be passed by value as a detached object (e.g., through a remote interface), the entity class must implement the Serializable interface.
Also, in some cases an OptimisticLockException will be thrown and wrapped by another exception, such as a RemoteException, when VM boundaries are crossed. Entities that may be referenced in wrapped exceptions should be Serializable so that marshalling will not fail.
If this rule is not followed, passing a non-serializable entity by value results in an exception.
Remediation
Implement Serializable and verify that each of its instance variables implements Serializable, unless it inherits from a class that is serializable, is a transient field, or is a Java primitive.
Violation Code Sample
import javax.persistence.Entity;

@Entity
public class ABean { // VIOLATION: entity class does not implement Serializable
    private String str;
    private aClass field;
}
Fixed Code Sample
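import java.io.Serializable;
import javax.persistence.Entity;

@Entity
public class ABean implements Serializable { // FIXED
    private String str;    // String is Serializable
    private aClass field;  // aClass must itself be Serializable, or the field declared transient
}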
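The check described under Remediation, written out as an added example; it is not part of the original rule page or of any CAST tooling. The class names (SerializableEntityCheck, Address, BadBean, GoodBean) are constructed stand-ins, and the JPA annotations are left out so the code runs on a bare JDK.

```java
import java.io.*;
import java.lang.reflect.*;
import java.util.*;

public class SerializableEntityCheck {
    // Constructed stand-ins for entity classes (assumption: @Entity omitted, no JPA jar needed).
    static class Address { String city = "Paris"; }       // does not implement Serializable
    static class BadBean implements Serializable {
        String str = "x";
        Address field = new Address();                     // non-serializable, non-transient field
    }
    static class GoodBean implements Serializable {
        String str = "x";
        transient Address field = new Address();           // transient: skipped when marshalling
    }

    // Static check on declared types: lists the class itself if it is not Serializable,
    // plus every instance field that is neither transient, primitive, nor Serializable.
    // Conservative: a field declared as a non-Serializable interface (e.g. List) is reported
    // even if the runtime value would serialize.
    static List<String> offendingFields(Class<?> type) {
        List<String> bad = new ArrayList<>();
        if (!Serializable.class.isAssignableFrom(type)) bad.add(type.getSimpleName() + " (class)");
        for (Class<?> c = type; c != null && c != Object.class; c = c.getSuperclass()) {
            for (Field f : c.getDeclaredFields()) {
                int m = f.getModifiers();
                if (Modifier.isStatic(m) || Modifier.isTransient(m) || f.isSynthetic()) continue;
                Class<?> ft = f.getType();
                if (ft.isPrimitive() || Serializable.class.isAssignableFrom(ft)) continue;
                bad.add(c.getSimpleName() + "." + f.getName());
            }
        }
        return bad;
    }

    // Runtime check: serializes the instance the way a pass-by-value call must.
    static boolean marshals(Object o) throws IOException {
        try (ObjectOutputStream out = new ObjectOutputStream(new ByteArrayOutputStream())) {
            out.writeObject(o);
            return true;
        } catch (NotSerializableException e) {
            return false;                                   // the exception this rule prevents
        }
    }

    public static void main(String[] args) throws IOException {
        System.out.println(offendingFields(BadBean.class) + " marshals=" + marshals(new BadBean()));
        System.out.println(offendingFields(GoodBean.class) + " marshals=" + marshals(new GoodBean()));
    }
}
```

BadBean shows that declaring `implements Serializable` on the entity is not enough on its own: the field check reports `BadBean.field`, and marshalling the instance fails until that field's type is made Serializable or the field is marked transient.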
Reference
JSR-000220 Enterprise JavaBeans v.3.0 specification version 3.0 p 17 and p 57
http://techpolesen.blogspot.com/2007/11/10-tips-on-jpa-domain-modelling.html
Related Technologies
JEE
Technical Criterion
CWE-1066 - Missing Serialization Control Element