This week's book giveaway is in the OCMJEA forum. We're giving away four copies of OCM Java EE 6 Enterprise Architect Exam Guide and have Paul Allen & Joseph Bambara on-line! See this thread for details.
The session is scoped at the web app (servlet context) level. If you put an attribute into the HttpSession, you can get to it from any JSP or servlet in your web app. See the servlet 2.4 specification:
SRV.7.3 Session Scope HttpSession objects must be scoped at the application (or servlet context) level. The underlying mechanism, such as the cookie used to establish the session, can be the same for different contexts, but the object referenced, including the attributes in that object, must never be shared between contexts by the container. To illustrate this requirement with an example: if a servlet uses the RequestDispatcher to call a servlet in another Web application, any sessions created for and visible to the servlet being called must be different from those visible to the calling servlet.
Joined: Nov 29, 2004
�If you put an attribute into the HttpSession, you can get to it from any JSP or servlet in your web app.� - should that JSP or servlet participate the HttpSession to have an access to that attribute?