This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Since the servlet engine typically manages the session using the id stored in a cookie, yes - the visibility rules that apply to cookies apply to sessions. If your redirect is to another "web application" it won't see the session created for the initial "web application" Bill