Jsp: useBean scope
JSP Code:
<jsp:useBean id="person" class="org.example.model.PersonModel" scope="session"> </jsp:useBean> <br> Name : <jsp:getProperty property="name" name="person"/> <br> Surname : <jsp:getProperty property="surname" name="person"/> Although I set the Java object in the request , and not in the session in the Controller servlet, from where I forward the request to this servlet. How does <jsp:useBean> get the request attribute, although the scope indicated in the tag is a session? If pageContext.findAttribute() used to get the attribute, then what is the point of using the scope attribute in the <jsp:useBean> ?
PageContext#findAttribute() scans the areas of the page, request, session, and application, respectively, until the first null attribute value is found for this attribute key. See also javadoc :
Searches for the specified attribute on the page, request, session (if valid) and the application area in order and returns a value that is bound or null.
This explains why it finds the request covered by one set in the forwarding servlet, and not in the session declared in the JSP. This is also explained in our wiki page. .
In any case, if you are using a servlet, you should not use <jsp:useBean> for model objects that should be managed by the servlet. <jsp:useBean> follows another MVC level, which will only lead to confusion and maintenance issues when using the servlet as a controller. This is also explicitly mentioned in the "Coding Style and Recommendations" section of our Servlets widget page .
So, instead of all those <jsp:xxx> things, you can simply do:
<br>Name: ${person.name} <br>Surname: ${person.surname} You only need to add JSTL <c:out> to prevent possible hits of XSS attacks when displaying user-controlled data again (note that <jsp:getProperty> does not!)
<br>Name: <c:out value="${person.name}" /> <br>Surname: <c:out value="${person.surname}" /> To learn more about JSTL, check out our JSTL Wiki page .