Monday, March 8, 2004 06:38 AM
This is not the best practice, nor is it portable. The connection object does not implement the Serializable interface (it in itself is just an interface that is implemented by the JDBC vendor.).
Some Web applications will "persist" your session object into a database or LDAP or some persistance method. This may be to persist the session object for load balancing or a myriad of other reasons. When it reads this Session back in, you have lost anything that doesn't implement the Serializable interface.
I don't know if this is happening in your case, but putting the connection object into the session object and re-using it is bad practice.
If you are concerned about performance (getting and releasing the connection) then you should use JDBC connection pooling or a third party connection pool.
On the whole, it is a bad practice to put ANYTHING in the session object or as a request attribute that doesn't implement the Serializable interface.