Is synchronization within an HttpSession feasible?

by

I found this nice explanation in spring-mvc JavaDoc for WebUtils.getSessionMutex():

In many cases, the HttpSession reference itself is a safe mutex as well, since it will always be the same object reference for the same active logical session. However, this is not guaranteed across different servlet containers; the only 100% safe way is a session mutex.

This method is used as a lock when synchronizeOnSession flag is set:

Object mutex = WebUtils.getSessionMutex(session);
synchronized (mutex) {
    return handleRequestInternal(request, response);
}

If you look at the implementation of getSessionMutex(), it actually uses some custom session attribute if present (under org.springframework.web.util.WebUtils.MUTEX key) or HttpSession instance if not:

Object mutex = session.getAttribute(SESSION_MUTEX_ATTRIBUTE);
if (mutex == null) {
    mutex = session;
}
return mutex;

Back to plain servlet spec – to be 100% sure use custom session attribute rather than HttpSession object itself.

See also

More Related Contents:

  1. How do servlets work? Instantiation, sessions, shared variables and multithreading
  2. Avoid synchronized(this) in Java?
  3. Is it safe to use a static java.sql.Connection instance in a multithreaded system?
  4. Is multi-thread output from System.out.println interleaved
  5. Synchronizing on String objects in Java
  6. Synchronization vs Lock
  7. What is the difference between atomic / volatile / synchronized?
  8. How to synchronize a static variable among threads running different instances of a class in Java?
  9. How do I make my ArrayList Thread-Safe? Another approach to problem in Java?
  10. How do synchronized static methods work in Java and can I use it for loading Hibernate entities?
  11. What is recommended way for spawning threads from a servlet in Tomcat
  12. Java double checked locking
  13. How do I keep a user logged into my site for months?
  14. Java Synchronized Block for .class
  15. Sharing session data between contexts in Tomcat
  16. Java Singleton and Synchronization
  17. Printing Even and Odd using two Threads in Java
  18. Waiting on multiple threads to complete in Java
  19. Session is lost and created as new in every servlet request
  20. Retrieving servlet context, session and request in a POJO outside container
  21. SessionTimeout: web.xml vs session.maxInactiveInterval()
  22. sending variable from one jsp to another jsp
  23. How are Threads allocated to handle Servlet request?
  24. Sharing a variable between multiple different threads
  25. Managing webapp session data/controller flow for multiple tabs
  26. Best option for Session management in Java
  27. How can I manually load a Java session using a JSESSIONID?
  28. Why do I need to synchronize a list returned by Collections.synchronizedList
  29. Regarding thread safety of servlet [duplicate]
  30. Find number of active sessions created from a given client IP

Leave a Comment