Inspectopedia 2025.2 Help

Non-serializable object bound to 'HttpSession'

Reports objects of classes not implementing java.io.Serializable used as arguments to javax.servlet.http.HttpSession.setAttribute() or javax.servlet.http.HttpSession.putValue().

Such objects will not be serialized if the HttpSession is passivated or migrated, and may result in difficult-to-diagnose bugs.

This inspection assumes objects of the types java.util.Collection and java.util.Map to be Serializable, unless type parameters are non-Serializable.

Example:

void foo(HttpSession session) { session.setAttribute("foo", new NonSerializable()); } static class NonSerializable {}

Locating this inspection

By ID

Can be used to locate inspection in e.g. Qodana configuration files, where you can quickly enable or disable it, or adjust its settings.

NonSerializableObjectBoundToHttpSession
Via Settings dialog

Path to the inspection settings via IntelliJ Platform IDE Settings dialog, when you need to adjust inspection settings directly from your IDE.

Settings or Preferences | Editor | Inspections | Java | Serialization issues

Suppressing Inspection

You can suppress this inspection by placing the following comment marker before the code fragment where you no longer want messages from this inspection to appear:

//noinspection NonSerializableObjectBoundToHttpSession

More detailed instructions as well as other ways and options that you have can be found in the product documentation:

Inspection Details

By default bundled with:

IntelliJ IDEA 2025.2, Qodana for JVM 2025.2,

Last modified: 18 September 2025
Non-serializable field in a 'Serializable' classNon-serializable object passed to 'ObjectOutputStream'