What is the scope of HttpServletRequest when being used in a controller (singleton)?

Question

I have this doubt... I have a singleton bean...and I want to set some parameters on the HttpServletRequest, on this way:

@RequestMapping(value = "/myUrl", method = RequestMethod.GET)
    public String myMethod(final ModelMap model, final HttpServletRequest req){
       req.getSession().setAttribute("myKey", "someValue");
       return "/myURL";
    }

So, if I set myKey, that value will be accessible only by the current user in that session? or because it is a singleton bean could be overriden by other user?

Possible duplicate of [What is the lifecycle of a HttpServlet?](http://stackoverflow.com/questions/3894088/what-is-the-lifecycle-of-a-httpservlet) — Dennis Kriechel, Dec 11 '15 at 15:14

cahen · Accepted Answer · 2015-12-11T15:27:09.307

1

You're changing the session, not the controller. And the session is associated with the user making the request, so other users won't be able to see this value.

From getSession() documentation:

Returns the current session associated with this request, or if the request does not have a session, creates one.

edited Dec 11 '15 at 15:27

answered Dec 11 '15 at 15:22

cahen

15,807
13
47
78

1

Also - if accessing the session you're doing anyway with the servlet request - you can just as well use put the session as a parameter for your method, e.g. public String myMethod(final ModelMap model, final HttpSession session){ ... } – Lukehey Dec 11 '15 at 15:24

What is the scope of HttpServletRequest when being used in a controller (singleton)?

1 Answers1