What is session management in Java?

Question

I have faced this question in my Interview as well. I do have many confusion with Session Scope & it management in java.

In web.xml we do have the entry :

<

Answer 1

I recommand Apache Shiro for session management,Authentication and authorization.

I take it back.

As @BalusC commeneted below, only servlet container is in charge of managing the http session. Shiro is just using that. It will hook to HttpSession via a filter you explicitly define.