I cannot go for session scope for drop down because lot of drop downs invloved and it is user specific drop downs
Neither of these are good reasons for not using session scope. A few lists of options contained in the session is not going to negatively affect performance. Also an HttpSession
is user specific, so that shouldn't be a problem either.
If even after knowing this, you just don't want to store these values in the HttpSession, your next best option is just to rebuild the data. ActionForm has a reset() method you can override. This method gets called before validation is performed, so you could put logic to rebuild the lists there. Even if you're getting the values from a database, most databases have some sort of caching, so getting the values the second time will be much faster than getting them the first time.
The only other option would in my opinion take more effort than it was worth. That is to create an <html:hidden> field for every item in every list using indexed properties.
Warning: Anything below this line is just me on my soapbox ranting and raving. Please stop reading here if you don't want to hear it.
It bothers me that so many developers have read the
J2EE performance white papers that warn us not to put too much data in the HttpSession, and have totally misinterpreted it.
Now it seems that when one suggests putting something in the HttpSession, the response is: "You're going to store something in the HttpSession?!!! How can you do that? You're going to bring the performance of the application to it's knees!!"
The HttpSession is now and always has been a good place to store small to moderate amounts of data. When the white papers say "don't put a lot of data in the session", they mean data over about 10KB. A few dropdown lists will generally come in well under this amount of data. The important thing is to learn how to use the removeAttribute() of the session to get rid of data when you're done with it. That way you don't have data accumulating as the user navigates through different pages.
All I'm saying is, give the HttpSession a break. It's a good object, and deserves a little respect. Don't be afraid to use it once in a while.