Yes, it looks like it; either make your seesion objects serializable so the container can serialize them or use HttpSessionActivationListener and write the code to persist and restore data yourself.
Note that although this constitute a very good guideline to insure that your application can run inside containers configured differently, you can safely ignore this if your Sessions are kept in memory all the time; they will never get serialized, passivated or activated.
Do not put too much stuff in your session anyway. I usually only put a userid in the session.
public interface HttpSessionActivationListener
Objects that are bound to a session may listen to container events notifying them that sessions will be passivated and that session will be activated. A container that migrates session between VMs or persists sessions is required to notify all attributes bound to sessions implementing HttpSessionActivationListener.
I hadn't been here for fifteen years
What are you doing? You are supposed to be reading this tiny ad!
the new thread boost feature brings a LOT of attention to your favorite threads