The best way to protect singletons from deserialisation is to declare them as enum constants. Please find a copy of Thinking in Java by Bruce Eckel (the 2nd edition can be found free of charge: try the mindprod.com website) or Sierra, Bates and Robson's cert exam revision guide. Both contain a good description of readResolve().
You seem to be asking a lot of questions about singletons lately. Why are you using singletons? Why is it so important to you that you limit the instantiation of a class?
Anyway, the purpose of the readResolve() method is to replace the deserialized object with one that you actually want to use in your application. The reasons for this can be many.
A good example is when the data on disk looks very different from the data in memory. You would then have one class that represents the data in memory, and one class that represents the data on disk. When you serialize an object, the serialization mechanism will call its writeReplace() method, where you can replace the object with an instance of the class that represents the data on disk. That object then gets serialized through the usual means. Later when you deserialize the object, the readResolve() method is called, where you can replace the object with an instance of the class as it appears in memory.
There is no default implementation for these classes. They don't normally exist. It's just that the serialization mechanism checks for their existence using reflection, and if they DO exist, only then are they called.
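The writeReplace()/readResolve() hand-off described in the post above, as an added example that is not code from the thread. Range and RangeOnDisk are hypothetical classes; the readObject() guard and the validation inside readResolve() are additions here, so that a stream naming Range directly, or carrying an invalid range, fails with InvalidObjectException instead of producing an object that skipped the constructor's checks.

```java
import java.io.*;

public class ReadResolveDemo {
    // Hypothetical in-memory form: invariant start <= end, enforced by the constructor.
    static final class Range implements Serializable {
        private static final long serialVersionUID = 1L;
        private final int start, end;
        Range(int start, int end) {
            if (start > end) throw new IllegalArgumentException("start > end");
            this.start = start; this.end = end;
        }
        // Found by reflection when serializing: write the on-disk form instead of this object.
        private Object writeReplace() { return new RangeOnDisk(start + ":" + end); }
        // A stream that names Range directly did not come from writeReplace(); refuse it.
        private void readObject(ObjectInputStream in) throws InvalidObjectException {
            throw new InvalidObjectException("RangeOnDisk required");
        }
        @Override public String toString() { return "Range[" + start + "," + end + "]"; }
    }

    // Hypothetical on-disk form: one string, unlike the two ints held in memory.
    static final class RangeOnDisk implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String text;
        RangeOnDisk(String text) { this.text = text; }
        // Found by reflection after deserializing: rebuild through the validating constructor.
        private Object readResolve() throws ObjectStreamException {
            try {
                String[] p = text.split(":");
                return new Range(Integer.parseInt(p[0]), Integer.parseInt(p[1]));
            } catch (RuntimeException e) {
                throw new InvalidObjectException("bad range: " + text);
            }
        }
    }

    static Object roundTrip(Object o) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream buf = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(buf)) { out.writeObject(o); }
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(buf.toByteArray()))) {
            return in.readObject();
        }
    }
    public static void main(String[] args) throws Exception {
        System.out.println(roundTrip(new Range(3, 9)));   // comes back as a Range, not a RangeOnDisk
        try { roundTrip(new RangeOnDisk("9:3")); }        // constructed invalid on-disk value
        catch (InvalidObjectException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```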