session attribute is being set to an object in Java, but it is null in the JSP. Why is the JSP using a new session?

Question

I ran the code in the debugger and confirmed that the object was being created in the Java code and was null in the JSP. Why is the JSP using a new session?

In debugger, it goes into Java code and sets the captcha in a session with an id. When I run the JSP, it gets the session with a different id, fails, then goes into doGet() and sets the current id session with a new captcha object. Storing captcha in a session, but that session isn't being used when the JSP runs.

Here are some code snippets

Java:

public void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
  ColoredEdgesWordRenderer wordRenderer = new ColoredEdgesWordRenderer(COLORS, FONTS);
  Captcha captcha = new Captcha.Builder(_width, _height).
  addText().addNoise().
  addBackground(new BrightGradiatedBackgroundProducer()).
  build();

  CaptchaServletUtil.writeImage(resp, captcha.getImage());
  req.getSession().setAttribute("simpleCaptcha", captcha); // object is getting set

}

JSP:

session=request.getSession(false);
if (session==null)
    session=request.getSession(true);

boolean isCaptchaTrue = false;
String strCaptcha = request.getParameter("captcha");
String captchaType = request.getParameter("captchaType");

if (strCaptcha != null && captchaType != null) {
  if(session.getAttribute("simpleCaptcha") instanceof Captcha){
    Captcha captcha = (Captcha) session.getAttribute("simpleCaptcha");
    isCaptchaTrue = captcha.isCorrect(strCaptcha);

  }else if(session.getAttribute("simpleCaptcha") instanceof AudioCaptcha){
    AudioCaptcha captcha = (AudioCaptcha) session.getAttribute("simpleCaptcha");
    isCaptchaTrue = captcha.isCorrect(strCaptcha);
  }
} 

Answer 1

I found my problem. At the top of the JSP the session was being invalidated. I removed session.invalidate() and it works now.