Inspectopedia Help

Non-serializable object bound to 'HttpSession'

Reports objects of classes not implementing java.io.Serializable used as arguments to javax.servlet.http.HttpSession.setAttribute() or javax.servlet.http.HttpSession.putValue().

Such objects will not be serialized if the HttpSession is passivated or migrated, and may result in difficult-to-diagnose bugs.

This inspection assumes objects of the types java.util.Collection and java.util.Map to be Serializable, unless type parameters are non-Serializable.

Example:

void foo(HttpSession session) { session.setAttribute("foo", new NonSerializable()); } static class NonSerializable {}

Inspection Details

Available in:

IntelliJ IDEA 2023.3, Qodana for JVM 2023.3

Plugin:

Java, 233.SNAPSHOT

Last modified: 13 July 2023
Non-serializable field in a 'Serializable' class Non-serializable object passed to 'ObjectOutputStream'