Hi Tim,
Thanks for taking the time to respond. I agree with your point and understand it.
However my doubt was more to do with ONLY the session object. An object which would anyway be created by the 1 thread that is serving the current request, if so required.
For this very session object to come into play again, a new request(being served by another thread-from pool or new Thread object, as you rightly pointed out) must contain
the JSESSIONID cookie associated for this very session object. It is my understanding that a client(browser or even a
Java HTTP Client or any other) must set this header
to make a statefull call to an otherwise stateless protocol.
Now given the above scenario where and how can there be multiple threads wanting to access the same session object?
Mind you I agree with the fact that all objects in the J2ee environment must be stateless for threads.
Thanks.