The first post by Brian Goetz nicely sums up that HttpSession and friends are trickier than they look. Taking a close look at sessions and threads, the threading risks involved in Web applications, and solutions to minimize these risks. A second post by Michael Chermside takes a look at Threadsafe Java Servlets, also touching upon the particularities of Java sessions and threads. Read Brian Goetz's complete post 'Are all stateful Web applications broken?': http://www.ibm.com/developerworks/library/j-jtp09238.html Read Michael Chermside's complete post on 'Threadsafe Java Servlets': http://mcherm.com/permalinks/1/threadsafe-java-servlets