When you use response.sendRedirect("someLocation"), the servlet container create a new request and response object, and, if the request has not associated a session, when you call request.getSession(), a new session is created. You can use
Thus, you send the current request and response, which have a session associated
Precisely because a forward does not create a new request, and a redirect does. When you need a new request, a forward is not acceptable. When you don't need a new request, a redirect is not acceptable.