5.7.1 Concurrent execution with the same session ID
The functionality of concurrent execution with the same session ID concurrently executes multiple requests when multiple requests of the same session ID are sent to multiple replicated J2EE servers or to one J2EE server. Global session information is not locked/released because multiple request processing are concurrently executed.
-
Notes
If you want to concurrently execute multiple requests processing by using concurrent execution of the same session ID, processing order of Servlet API issued by the web application will be uncertain.
For the same HTTP session, if you concurrently send a request that registers attributes (the setAttribute() method in the javax.servlet.http.HttpSession interface) and a request that disables the session (the invalidate() method in the javax.servlet.http.HttpSession interface), or if you send duplicate requests that disable a session, the attributes for HTTP sessions, which are already disabled, might be registered or disabled depending on the processing order of Servlet API. In this case, Servlet API throws java.lang.IllegalStateException exception. As a result, implement web applications by considering that Servlet API throws java.lang.IllegalStateException exception.