Jakob Jenkov
Last update: 2014-05-25

The HttpSession object represents a user session. A user session contains information about the user across multiple HTTP requests.

When a user enters your site for the first time, the user is given a unique ID to identify his session by. This ID is typically stored in a cookie or in a request parameter.

Here is how you access the session object:

protected void doPost(HttpServletRequest request,
    HttpServletResponse response)
        throws ServletException, IOException {

    HttpSession session = request.getSession();

You can store values in the session object, and retrieve them later. First, let's see how you can store values in the session object:

session.setAttribute("userName", "theUserName");

This code sets an attribute named "userName", with the value "theUserName".

To read the value again, you do this:

String userName = (String) session.getAttribute("userName");

Values stored in the session object are stored in the memory of the servlet container.

Sessions and Clusters

If you have an architecture with 2 web servers in a cluster, keep in mind that values stored in the session object of one server, may not be available in the session object on the other server. So, if a user's requests are divided evenly between the two servers, sometimes session values may be missing.

The solution to this problem would be one of:

  1. Do not use session attributes.
  2. Use a session database, into which session attributes are written, and from which it is read.
  3. Use sticky session, where a user is always sent to the same server, throughout the whole session.

Jakob Jenkov

Featured Videos

Java ForkJoinPool

P2P Networks Introduction


Java Persistence
Close TOC
All Tutorial Trails
All Trails
Table of contents (TOC) for this tutorial trail
Trail TOC
Table of contents (TOC) for this tutorial
Page TOC
Previous tutorial in this tutorial trail
Next tutorial in this tutorial trail