
"Deserialization not allowed for class" error after Migrating to AEM 6.3


Level 2


I have an application object which is serialized and stored in the session and it is deserialized to retrieve the value.

This was originally implemented in AEM 6.1.

Now I am trying to migrate the application to AEM 6.3, and here the same code is throwing "java.lang.UnsupportedOperationException: Deserialization not allowed for class " during deserialization.

Below is the code for deserialization

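    import java.io.ByteArrayInputStream;
    import java.io.IOException;
    import java.io.ObjectInputStream;

    // LOG is the enclosing class's logger field.
    public static Object deserializeByteArray(final byte[] in) {
        ByteArrayInputStream bis = null;
        ObjectInputStream ois = null;
        try {
            bis = new ByteArrayInputStream(in);
            ois = new ObjectInputStream(bis);
            // This is the call that throws the UnsupportedOperationException.
            Object objectValue = (Object) ois.readObject();
            return objectValue;
        } catch (final ClassNotFoundException e) {
            LOG.error("Caught CNFE decoding " + in.length + " bytes of data ", e);
        } catch (final IOException e) {
            LOG.error("Caught IOException decoding " + in.length + " bytes of data ", e);
        } finally {
            // Closing ois also closes the underlying bis.
            if (ois != null) {
                try {
                    ois.close();
                } catch (final IOException e) {
                    LOG.error("Caught IOException closing stream ", e);
                }
            }
        }
        return null;
    }
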

6 Replies


Level 10

Can you try running this without trying to store in a session? What line of code is throwing an error? This is just straight Java and should work in AEM.


Level 2

I am getting the error in Object objectValue = (Object) ois.readObject(); while attempting to readObject.


Level 10

Hard to say without knowing the class you are serializing; this sounds like a Java concern. Make sure the class is serializable [1]. Maybe it's some internal class that no longer implements Serializable?
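
As an added example (not part of the thread, and not AEM's or the poster's code): one way a Java runtime can refuse a class during `readObject()` is a class-name allow-list checked in `resolveClass`, which fails with the same exception type and wording as the error quoted in the question even when the class implements Serializable. The class `AllowListDeserialization`, its helper names and the allow-list contents are assumptions made for illustration.

```java
import java.io.*;
import java.util.*;

public class AllowListDeserialization {
    // Look-ahead stream: the class name is checked before any instance is created.
    static class AllowListObjectInputStream extends ObjectInputStream {
        private final Set<String> allowed;

        AllowListObjectInputStream(InputStream in, Set<String> allowed) throws IOException {
            super(in);
            this.allowed = allowed;
        }

        @Override
        protected Class<?> resolveClass(ObjectStreamClass desc) throws IOException, ClassNotFoundException {
            if (!allowed.contains(desc.getName())) {
                // Same exception type and wording as the error quoted in the question.
                throw new UnsupportedOperationException("Deserialization not allowed for class " + desc.getName());
            }
            return super.resolveClass(desc);
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    static Object deserialize(byte[] data, Set<String> allowed) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new AllowListObjectInputStream(new ByteArrayInputStream(data), allowed)) {
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data: a list of strings stands in for the application object.
        byte[] data = serialize(new ArrayList<>(Arrays.asList("a", "b")));
        Set<String> allowed = new HashSet<>(Collections.singletonList("java.util.ArrayList"));
        System.out.println("Accepted: " + deserialize(data, allowed));
        try {
            deserialize(data, Collections.<String>emptySet());
        } catch (UnsupportedOperationException e) {
            System.out.println("Rejected: " + e.getMessage());
        }
    }
}
```

The class name printed after "Deserialization not allowed for class" identifies which type the check refused, which may be a nested field type rather than the top-level application object.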