[Pki-devel] Serial Version ID and Serializaed classes

[Adam]

Eclipse produces a hefty number of wranings about SerialVersionID.  I 
think  that we can safely be rid of them by accepting the autogenerated  
ID.  Here's what this implies:


If we ever use one of these classes in a serailzed manner where we don't 
control both sides of the connection,  we have to make sure that the 
deserializer can read the persisted form.  There are Two main  cases:
   serialize to a file,
   serialize across a socket,


For now, the only case where we serialize is in the case of a session  
failover.  This is pretty much a non-issue, as the serialization is done 
betwen two version of the code that are identical.  Actually, we don't 
even really support session failover ,but we could in theory support it.

Serialization to a file is not done,  nor has it ever really bee n a 
good idea.   Typcially,  file formats should be human readable.

Serialization to a socket  is primarily done in RMI.  We aren't planning 
on supporting that.

Still, it pays to be careful.  So,  here's the deal.  We take the 
autogenerated ID, and that makes sure that only versions that match the 
serial version ID can read the file/socket.  If we change areound the 
order of the member variables, change their types,  add in new memebers, 
etc,  we will need to regenerate the SerialVersionID to make sure that 
it doesn't give some wierd errors.  I think that this will be caught by 
code reviews, so long as people are attuned.


So, to sum up:  get rid of the warning the "right" way,  it is unlikely 
to be a problem regardless, but lets be careful in code reviews.


Does this work for everyone?  IF so, I'll create a patch.