JSR-380 validation before serialization

[mluckam]

I am attempting to enforce JSR-380 validation after deserialization and before serialization without having a custom deserializer and serializer for each class. This is achievable before deserialization as shown in this baeldung article. Taking the same approach with serialization does not work because BeanSerializer.serialize is final.

A few questions:

1. Is there a suggested strategy to enforce validation before serialization?
2. Is there a reason that BeanSerializer.serialize is final?

Below is an example project showing this with two unit tests. Deserialization passes and serialization fails because serialization is not configured for validation.
sample project

[cowtowncoder]

There is probably no strict reason for BeanSerializer.serialize() being final -- class should not be sub-classed by any application/client code, but it should be possible for proxies or such to be generated.

So I'd be ok in removing final from there.

As to validation, I don't think there is any good hooks to add this in: this should not require sub-classing of serializers. But there is also the problem of requiring more metadata as context that may not be easy to solve.

Overall I think currently validation is best run separate from deserialization; but I'd be open to adding additional support for in-flow extension points. But I probably won't have time driving such efforts; can and will help as usual.