Hello,

could you please explain me how HttpSessions work?
When and by whom are they created?
(How) Can HttpSessions be shared between different Servlets?
If a servlet method receives a SessionId through a parameter, how can the session id be validated? (Is there a way to query all active sessions from within a servlets method?)

Please enlighten me.
Thanks in advance!