How to Handle and Fix java.io.NotSerializableException
Last updated: January 3, 2026
Mocking is an essential part of unit testing, and the Mockito library makes it easy to write clean and intuitive unit tests for your Java code.
Get started with mocking and improve your application tests using our Mockito guide:
Handling concurrency in an application can be a tricky process with many potential pitfalls. A solid grasp of the fundamentals will go a long way to help minimize these issues.
Get started with understanding multi-threaded applications with our Java Concurrency guide:
Spring 5 added support for reactive programming with the Spring WebFlux module, which has been improved upon ever since. Get started with the Reactor project basics and reactive programming in Spring Boot:
Since its introduction in Java 8, the Stream API has become a staple of Java development. The basic operations like iterating, filtering, mapping sequences of elements are deceptively simple to use.
But these can also be overused and fall into some common pitfalls.
To get a better understanding on how Streams work and how to combine them with other language features, check out our guide to Java Streams:
Explore Spring Boot 3 and Spring 6 in-depth through building a full REST API with the framework:
Yes, Spring Security can be complex, from the more advanced functionality within the Core to the deep OAuth support in the framework.
I built the security material as two full courses - Core and OAuth, to get practical with these more complex scenarios. We explore when and how to use each feature and code through it on the backing project.
You can explore the course here:
Spring Data JPA is a great way to handle the complexity of JPA with the powerful simplicity of Spring Boot.
Get started with Spring Data JPA through the guided reference course:
Refactor Java code safely — and automatically — with OpenRewrite.
Refactoring big codebases by hand is slow, risky, and easy to put off. That’s where OpenRewrite comes in. The open-source framework for large-scale, automated code transformations helps teams modernize safely and consistently.
Each month, the creators and maintainers of OpenRewrite at Moderne run live, hands-on training sessions — one for newcomers and one for experienced users. You’ll see how recipes work, how to apply them across projects, and how to modernize code with confidence.
Join the next session, bring your questions, and learn how to automate the kind of work that usually eats your sprint time.
Distributed systems often come with complex challenges such as service-to-service communication, state management, asynchronous messaging, security, and more.
Dapr (Distributed Application Runtime) provides a set of APIs and building blocks to address these challenges, abstracting away infrastructure so we can focus on business logic.
In this tutorial, we'll focus on Dapr's pub/sub API for message brokering. Using its Spring Boot integration, we'll simplify the creation of a loosely coupled, portable, and easily testable pub/sub messaging system:
1. Introduction
Java serialization widely persists object state, transfers data between JVMs, and supports distributed application features. However, serialization failures often occur when object graphs contain elements that don’t comply with serialization rules. Among these failures, java.io.NotSerializableException occurs when serialization encounters a class that doesn’t implement the Serializable interface. In most instances, the root cause lies within nested objects or fields rather than the primary object itself. This behavior becomes more pronounced in framework-based or library-driven applications, where object relationships are complex and often implicit.
In this tutorial, we provide a detailed guide to understanding and managing NotSerializableException in Java applications. In addition, we highlight key considerations when working with serializable and non-serializable objects and provide insights into best practices for ensuring reliable serialization in complex application environments.
2. Serialization Failure Caused by Non-Serializable Classes
A primary cause of NotSerializableException occurs when a class doesn’t implement the Serializable interface, which the Java runtime requires to convert objects into a byte stream.
Let’s illustrate this scenario with an example:
public class User {
private String name;
private int id;
private Address address;
public User(String name, int id, Address address) {
this.name = name;
this.id = id;
this.address = address;
}
}In this case, the runtime raises java.io.NotSerializableException for the User class because it lacks the serialization capability.
Implementing the Serializable interface marks the class as eligible for serialization by the Java runtime:
public class User implements Serializable {
private String name;
private int id;
private Address address;
}At this stage, the primary serialization issue appears resolved. However, serialization may still fail due to the presence of nested objects.
3. Serialization Failure Caused by Non-Serializable Nested Objects
Even after making the User class serializable, serialization can still fail if any of its nested objects or fields don’t implement the Serializable interface.
3.1. Example Problem Code
Let’s see an example of this with the User class, but this time including a nested Address object that doesn’t implement the Serializable interface:
class User implements Serializable {
private String name;
private int age;
private Address address; // Address does not implement Serializable
}
class Address {
String city;
String country;
}Serialization fails in this case because of the nested Address object. Java runtime traverses the entire object graph, so every object referenced by a serializable class must also be serializable. Since Address lacks this capability, the runtime raises java.io.NotSerializableException, causing the serialization process to fail.
There are two main ways to handle non-serializable nested objects.
3.2. Make Nested Class Serializable (Solution 1)
This approach involves implementing Serializable in the nested Address class:
public class Address implements Serializable {
private String city;
private String country;
}With such a change, the entire object graph becomes serializable, enabling the runtime to serialize User successfully. This process ensures accurate maintenance and reconstruction of the object’s state.
3.3. Declare the Field as Transient (Solution 2)
When the Address object doesn’t represent a persisted state and is only required at runtime, the field can be excluded from serialization by marking it as transient:
public class User implements Serializable {
private String name;
private int age;
private transient Address address;
}In this case, the runtime omits the field from the serialized form and doesn’t restore its value during deserialization.
4. Serialization Failure Caused by External Dependencies
Applications frequently rely on external dependencies to provide supporting functionality. These external dependencies often introduce runtime-managed objects that don’t implement the Serializable interface. When the serializable object graph includes such third-party objects, the Java runtime cannot serialize them, resulting in serialization failures.
4.1. Example Problem Code
Let’s go through a code that demonstrates a simulated AuditContext class originating from a third-party library that stores request-related metadata:
public class AuditContext {
private String traceId;
public AuditContext(String traceId) {
this.traceId = traceId;
}
public String getTraceId() {
return traceId;
}
}Since the third-party class doesn’t implement the Serializable interface, handling it requires two common approaches:
4.2. Declare the Field as Transient (Solution 1)
In this first approach, the third-party object is excluded from serialization while other User data remains intact:
private transient AuditContext auditContext;We achieve this by marking the field as transient.
4.3. Extract and Store the Serializable Portion (Solution 2)
An alternate approach stores only the portion of the object that participates in serialization.
In this case, the traceId represents the serializable data from AuditContext:
public class User implements Serializable {
private String name;
private int age;
private Address address;
private String traceId; // extracted from third-party object
public User(String name, int age, Address address, AuditContext auditContext) {
this.name = name;
this.age = age;
this.address = address;
this.traceId = auditContext.getTraceId(); // extract serializable data
}Both approaches serialize the User object successfully while maintaining the intended application data or runtime context.
5. Conclusion
In this article, we examined effective strategies for handling and resolving java.io.NotSerializableException in Java applications by addressing issues within the object graph. The analysis revealed that resolving this exception extends beyond marking a single class as Serializable; it also involves considering nested fields and third-party objects that participate in the serialization. For the root object to be serialized successfully, all nested objects and fields must themselves be serializable.
The solutions presented included making classes Serializable when persistence is necessary, marking fields as transient when certain state should be excluded, and extracting only serializable data from external dependencies. These approaches support stable serialization, providing developers with clear control over object state and application structure. Collectively, these techniques help maintain reliable serialization and robust application design.
As always, the source code is available over on GitHub.
