I realized today that I have blindly just followed this requirement for years without ever really asking why. Today, I ran across a NotSerializableException with a model object I created from scratch and I realized enough is enough.
I was told this was because of session replication between load-balanced servers, but I know I've seen other objects at session scope that do not implement Serializable. Is this the real reason?
Because in order to be transferred across a wire they need to be serialisable to a form that can be put on the wire.
Like binary, XML, JSON, or similar.
There's more info here... Should any domain object, not be serializable?
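An added example (not part of the original posts) that reproduces the `NotSerializableException` from the question by pushing a session attribute through Java serialization, used here as a stand-in for session replication between servers. All class names and sample values are hypothetical, and it assumes the container replicates with standard Java serialization.

```java
import java.io.*;

public class SessionReplicationDemo {
    // Hypothetical model class written from scratch: it does NOT implement Serializable.
    static class Address {
        String city = "Springfield"; // constructed sample value
    }

    // Serializable itself, but its object graph reaches a non-serializable field.
    static class BrokenUser implements Serializable {
        private static final long serialVersionUID = 1L;
        String name = "alice";
        Address address = new Address();
    }

    // Fixed variant: every non-transient field in the graph is Serializable.
    static class SafeAddress implements Serializable {
        private static final long serialVersionUID = 1L;
        String city = "Springfield";
    }

    static class FixedUser implements Serializable {
        private static final long serialVersionUID = 1L;
        String name = "alice";
        SafeAddress address = new SafeAddress();
        transient Object cache = new Object(); // never written to the wire; null after restore
    }

    // Simplified stand-in for a container copying a session attribute to another node
    // (assumption: the copy is made with Java serialization).
    static Object replicate(Object attribute) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream wire = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(wire)) {
            out.writeObject(attribute); // walks the whole object graph
        }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(wire.toByteArray()))) {
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        try {
            replicate(new BrokenUser());
        } catch (NotSerializableException e) {
            // The message names the class in the graph that could not be written.
            System.out.println("replication failed: " + e.getMessage());
        }
        FixedUser copy = (FixedUser) replicate(new FixedUser());
        System.out.println(copy.name + " / " + copy.address.city + " / cache=" + copy.cache);
    }
}
```

The failure surfaces only when something actually serializes the attribute, and the exception message identifies the nested class that needs `Serializable` or a `transient` modifier.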