I think session attributes can used in multiple JVMs of the application by implementing the HttpSessionActivationListener.
It is not required to implement this interface to share the attributes across differnt JVMs. The session always active only in one JVM at a time. The session can be migrated to different JVM according to Servlet Spec. The listeners only catch the events related to session.
The session object scoped at application level so it can be used in diff JVM in distributed environment, but not for diff. applications.
can be used to pass through the session id to different applications. And if cookies are enabled, and session tracking is being done using cookie, then url encoding is not reqquired, browser automatically attaches the cookie with request before sending to same/another application as long as application shares the same domain, i.e. http://app1.mycompany.com/App1/servlet1 and http://app2.mycompany.com/App2/servlet2
can share the same cookie, both applications would have to set the domain of cookie to "mycompany.com" in order to share the cookie across multiple applications.
Another point mentioned here was:
Session level variables are not even accessible to other users in the same application. Then it is not possible to access it out side the application.
This is incorrect. A user may navigate to different application from the same browser and the two application can talk to each other in user's context i.e. session. For example multiple applications of same company requiring "single sign-on"!
Now, coming to sharing session across JVMs, yes it can be done. We can passivate the session and activate it on other JVMs by making all our session attributes serializable. All this happens automatically by using HttpSessionActivationListener as Sumit / Narendra mentioned.
Hope this helps. [ July 05, 2005: Message edited by: Anand Wadhwani ]
The value of str is null. i.e the App2 is not able to read the session attribute set in App1, then how come the session can be used across different applications.
Yes, it is not possible to share a session variables ( or session) across different applications alteast using standard servlet specs. because the session object is scoped at the application level .
Another question that sharing of attributes across diff JVMs for same application. If you go through spec. it is mentioned that the session migration is provided by the specs itself under certiaon conditions ( e.g. Spec gurantees to migrates all the session attributes which implement serializable interface). The Session listeners are required only if we want to catch the events like when the session is created or attribute is added or removed for logging and other purpose. The Listeners itself not handle the migration mechanism, they only catch the related events. Do you require HttpSessionListener to create a session ? it only caches the events. The same is true about the Activation Listeners.