Can I have a stateful session bean be responsible for storing the session information rather than a HttpSession instance? If so, how can this be done? A code example would be useful.
Here is one way which I have done this, although it is not necessarily the best way.
To store session information in the stateful bean, I needed to keep a reference to the stateful bean between requests. Storing this reference in the HttpSession would be pointless, as it would not relieve you of the dependence on this object. What I did instead was to serialize the handle to the bean, and then pass this serialized handle to the client in a cookie. When the client returns with the next request, the serialized handle is passed back in a cookie. To access the bean, I then deserialized the handle, and called the getEJBObject method.
A similar approach is to store the serialized handle in a database, and then to pass the primary key to the client in a cookie or through URL rewriting. I found this a little tricky, in that my database used a different character encoding scheme than my JVM, so the the serialized handle retrieved from the database appeared identical to the serialized handle before storage, but was in fact different. Specifying the encoding scheme used should help you get around this.
Alternatively, I have known people to store the (unserialized) handle in a data structure (e.g., a hashtable) in memory, and then pass the key to the handle to the user in a cookie.