The first post by Brian Goetz nicely sums up that HttpSession and friends are trickier than they look. Taking a close look at sessions and threads, the threading risks involved in Web applications, and solutions to minimize these risks. A second post by Michael Chermside takes a look at Threadsafe Java Servlets, also touching upon the particularities of Java sessions and threads. Read Brian Goetz's complete post 'Are all stateful Web applications broken?': Read Michael Chermside's complete post on 'Threadsafe Java Servlets':