Can someone comment on what is and what is not thread-safe in servlets? I understand the basic servlet implementation but none of the books I have reviewed addresses specifics such as: 1) Are you safe once a servlet enters doGet, doPost, etc.? Or can the JVM stop execution of a servlet thread in the middle of one of these methods and potentially invoke another servlet thread that executes the same method, possibly overwriting that method's local variables set by the first thread? If so, how does one prevent this? 2) Are the Request and Response objects considered thread-safe? For example, if I set an attribute in the Request object, can it potentially be overwritten? If so, is there a point in time at which I can be assured this will not happen? For example, would the Request object be safe once it is passed to a JSP using request.getRequestDispatcher.forward("JSP")? If Request is not thread-safe, why would one use it to pass Objects to a JSP as opposed to using the Session object? 3) If not answered in 1) and 2) above, what can I be assured of that is thread-safe? I have read a lot of material on servlets and how the programmer needs to be conscious of threading issues. However, all of these materials eschew the SingleThreadModel (and I can understand why) so I would just like to know how a programmer is supposed to keep from stepping on himself short of implementing a SingleThreadModel or synchronizing a section of code in doGet or doPost. Thanks for any light you might shed on this issue.
1) Any number of Threads can be executing in the same servlet object method at "one time". The important point is that any local variable - ie declared inside the method - belongs to a particular Thread. The only reference is inside the Thread stack, no other Thread can see it. On the other hand, instance and static variables belonging to the servlet object can be seen by all Threads. 2) The servlet container generates a request and response object for each Thread independently so yes, they are thread safe. 3) The session object is tied to a particular cookie - a unique id for the user, but is not thread safe if more than one request from the user is being processed. ALL YOU HAVE TO DO is use nothing but local variables - if you need to keep an object around between requests, use the session to store it or make other arrangemetns - but you may have to synchronize access to it. Bill
Thanks Bill. This clarifies a number of issues for me including, indirectly, the lifespan of the Request and Response object and why getRequestDispatcher.forward("JSP") makes grammatical sense (I had not previously been at ease with that concept). From 2), I infer that the Request and Response objects begin life when created by the servlet container and passed to the servlet and end life (normally) when the servlet ends or when the JSP page that has been forwarded to ends. Is this correct? BTW, thanks for your response as well as your help on the SCJP2 exam. I have your Java 2 Exam Cram book. It made an excellent study guide and I would highly recommend it!
Author and all-around good cowpoke
Joined: Mar 22, 2000
You are exactly correct about the request and response objects - the servlet container goes to a lot of work to set these up before your method gets them, and they die after the response is sent. Glad to hear you got good use out of my book. Thanks! Bill