Hi, Ranchers. Another fundamentals error from book's authors: ---------- The session is retrieved dynamically from the current request object. Because of Java’s design, you are guaranteed that the request parameter is directly threaded to the current client. As a result, the session returned is also the session associated with the client accessing this code. Any attributes added or acquired fall under the same category and are thread-safe. Once the variable is local to a method, there is no threat of data corruption from intercepting threads due to local variable threading rules. Figure 8.8 provides a visual representation of how session objects and their attributes are linked directly to the client thread. .... Fundamentally, each client operates on its own session object. By design, adding session attributes is thread-safe. ---------- It seems to me that authors does not know that one client can open several browser windows, participating in the same HTTP session and thus session attributes can be accessed concurretly by several threads (via several brousers) simultaneously. So, by design, adding session attributes is NOT thread-safe.
Java Platform, Enterprise Edition 6 Web Services Developer Certified Expert Exam Study Guide and Quiz Exam 1Z0-810: Upgrade to Java SE 8 Programmer Study Guide and Quiz