This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
If the application server creates an HttpSession for a user, that HttpSession is the same session used by every JSP and Servlet that user accesses. If you stuff some great data in the HttpSession in a Servlet, the client will be able to yank that data out of the HttpSession in any JSP or other Servlet in the application. Well, until their session times out, that is.