A servlet can store data for JSP pages in three main places: in the HttpServletRequest, in the HttpSession, and in the ServletContext. These storage locations correspond to the three nondefault values of the scope attribute of jsp:useBean: that is, request, session, and application.
in the HttpServletRequest Time
ValueObject value = new ValueObject(...);
HttpSession session = request.getSession();
session.setAttribute("key", value);
Next, the servlet would forward to a JSP page that uses the following to retrieve the data:
<jsp:useBean id="key" type="somePackage.ValueObject"
scope="session" />
Storing data that the JSP page will use in this request and in later requests from any client. First, the servlet would create and store data as follows:
ValueObject value = new ValueObject(...);
getServletContext().setAttribute("key", value);
Next, the servlet would forward to a JSP page that uses the following to retrieve the data:
<jsp:useBean id="key" type="somePackage.ValueObject"
scope="application" />
the servlet code is normally synchronized to prevent the data changing between the servlet and the JSP page.
The JSP page never creates the objects. The servlet, not the JSP page, should create all the data objects. So, to guarantee that the JSP page will not create objects, you should use
<jsp:useBean ... type="package.Class" />
instead of
<jsp:useBean ... class="package.Class" />.
The scope you specify should match the storage location used by the servlet. For example, the following three forms would be used for request-, session-, and application-based sharing, respectively.
<jsp:useBean id="key" type="somePackage.SomeBeanClass"
scope="request" />
<jsp:useBean id="key" type="somePackage.SomeBeanClass"
scope="session" />
<jsp:useBean id="key" type="somePackage.SomeBeanClass"
scope="application" />