What is session implicit object in JSP?

The session implicit object is an instance of javax.servlet.http.HttpSession. This variable is only valid for Http protocols. The session is one of the JSP built-in variables (like request) that is available in the service body of a JSP.

The session implicit object is used to provide an association between the client and the server. HTTP protocol is a stateless protocol. The session concept is a way of allowing multiple requests from the same client to be group together as part of a single "conversation". The session is used to maintain the "conversation" states during a given time period. The following JSP code changes the session timeout value:

<p>
The session timeout is: <%=session.getMaxInactiveInterval()%>
</p>
<%	
session.setMaxInactiveInterval(3000);
%>
<p>
The session timeout has been set to: <%=session.getMaxInactiveInterval()%>
</p>

A session can be maintained either by using cookies or by URL rewriting. To expose whether the client supports cookies, session defines an isCookieSupportDetermined() method and an isUsingCookies() method.

You can prevent the creation of a session in a JSP page. For more information, please read Can I prevent the creation of a session in a JSP page? in XyzWs.com.

The session created is accessible to servlet without any restriction. session object which is implicit in jsp could be accessed in servlet by request.getSession(); Both these session objects are the same for single browser client and hence the sessionId too.