Home > Articles

This chapter is from the book

This chapter is from the book

Types of Session Beans

There are two types of session beans: stateless and stateful. Stateless session beans are business objects that hold conversations that span a single client-invoked method call. They do not maintain any conversational state associated with any client. Stateful session beans are business objects that hold conversations that span multiple client-invoked method calls. Stateful session beans provide an easy and robust way to handle conversational state.

Stateless Session Beans

Stateless session beans do not maintain the conversational state associated with any client. The client is responsible for maintaining the conversational state, if any. The container could reuse the same instance to serve multiple clients. This makes perfect sense because the bean instance doesn't maintain any client specific state.

An example of stateless session bean is a stock quote component that returns the current price of a given stock symbol. Such a bean could look up the stock price from a database that is updated by a real-time feed. Another example is a stateless session bean that implements a compression algorithm. This bean accepts a plain text as a parameter and returns a compressed buffer.

The sample university registration application uses a stateless session bean to model a SignOn component to verify the user's login and password. It also allows new users to create a login and password in the system.

The remote interface SignOn is defined as follows:

public interface SignOn extends EJBObject {
 public void addUser(String username, String password)
   throws RemoteException;
  public boolean validateUser(String login, String password)
   throws InvalidLoginException, RemoteException;

This interface contains two business methods, addUser and validateUser, which are callable by the client.

The home interface SignOnHome is defined as follows:

public interface SignOnHome extends EJBHome {
  SignOn create()
   throws CreateException, RemoteException;

So, to create a bean instance, you call the create() method on the home interface. Notice that the create() method returns a remote interface instance (as opposed to the enterprise bean class).

The bean class SignOnEJB is defined as follows:

public class SignOnEJB implements SessionBean {
private SessionContext ctx;
/* --- callback methods --- */
/* container calls this method to set the associated session context */
public void setSessionContext(SessionContext c) {
  ctx = c; 
/* container calls this method so that you can
  initialize your session bean instance
public void ejbCreate() {}
/* container invokes this method before it
  ends the life of the session object.
public void ejbRemove() {} 
/* ejbActivate and ejbPassivate are
  not used by stateless session beans
public void ejbActivate() {}
public void ejbPassivate() {}
/* ---here you implement all business methods 
 as defined in the component interface---
public void addUser(String userName, String password) {
 /* code to add a new user to the database */
public boolean validateUser(String userName, String password) 
  throws InvalidLoginException {
 /* code to validate the user login and password from database */


The create() method of a stateless session bean should not accept any parameters. Because a stateless session bean does not maintain any conversational state, you must make sure that none of the client-passed parameters are stored beyond the method call.

The deployment descriptor for the enterprise bean is specified as follows:


The session element declares a session bean and an ejb-name element within the session element, which defines the session bean's name (SignOnEJB). The session element also declares other things, such as the home interface (SignOnHome), remote interface (SignOn), and bean's class (SignOnEJB). The session-type element declares this is a stateless session bean (as opposed to a stateful session bean).

Instance Pool

The creation and destruction of enterprise beans are expensive operations. To reduce this cost, the EJB container maintains an instance pool for each type of stateless session bean. At start up, the container creates instances as specified in the deployment descriptor of the stateless session bean. The EJB container may reuse the same instance to serve multiple client requests. This mechanism of multiplexing enhances the performance and response time of client interaction. Using a small number of instances in a predefined pool to satisfy a large number of clients has been proven to be a good practice for increasing performance and managing resources. The instance pool is also called the caching policy.


Instance pooling is applicable only to stateless session beans, not to stateful session beans.


Two or more different clients cannot share a stateless session bean instance concurrently. They can, however, reuse the same instance that comes from the instance pool.

Stateful Session Beans

Stateful session beans maintain the state associated with a client. Stateful session bean fields contain a conversational state on behalf of the session object's client. This state describes the conversation represented by a specific client/session object pair. The conversational state is preserved across method invocations and transactions.

Unlike a stateless session bean, a stateful session object has a unique identity that is assigned by the EJB container at create time.

An example of a stateful session bean is a shopping cart that represents the collection of products selected by a particular customer for purchase during a session. The shopping cart should not be shared because it represents a particular interaction with a particular customer and is alive only for the customer's session. Also, the shopping cart is not saved into the database unless the customer is ready to place an order. Another example of a stateful session object is a trader session component that allows a trader to interactively add, remove, and place trades.

Stateful session beans are useful in workflow management that requires the bean to maintain client data over different method invocations. Behind the scenes, the bean manages the workflow of several enterprise beans. The bean mediates between the client and the other components of the application, presenting a simplified view to the client.

The sample university registration application uses stateful session beans to model enrollment cart component. An enrollment cart is similar to a shopping cart. It represents the collection of courses selected by a particular student for purchase during a session.

The remote interface EnrollmentCart is defined as follows:

public interface EnrollmentCart extends EJBObject {
  public void addCourses(String[] courseIds) throws RemoteException;
  public Collection getCourses() throws RemoteException;
  public void empty() throws RemoteException;

The business methods callable by clients are defined in this interface. For example, the EnrollmentCart interface defines three business methods: addCourses (to add courses to the cart), getCourses (to retrieve the courses in the cart), and empty (to empty the enrollment cart).

The home interface EnrollmentCartHome is defined as follows:

public interface EnrollmentCartHome extends EJBHome {
 EnrollmentCart create() throws CreateException, RemoteException;

So, to create a enrollment cart instance, the client calls the create() method on the home interface. The create() method returns a remote interface instance (as opposed to the enterprise bean class).

The bean class EnrollmentCartEJB is defined as follows:

public class EnrollmentCartEJB implements SessionBean {
/* ctx and cart constitute the conversational state */
   private SessionContext ctx;
   private HashSet cart;
/* --- callback methods */
/* container calls this method to set the associated session context */
   public void setSessionContext(SessionContext c) {
     ctx = c;
   public void ejbCreate() throws CreateException {
     cart = new HashSet();
   /* This method is called when the instance 
     is activated from its "passive" state.
   public void ejbActivate() {}
    This method is called when the container intends to 
    passivate the bean instance.
   public void ejbPassivate() {}
   /* Container invokes this method before it 
     ends the life of the session object.
   public void ejbRemove() {}
   /* ...here you implement all business methods 
     as defined in the component interface...
   public void addCourses(String[] courseIds) {
     if ( courseIds == null) {
     for ( int i = 0; i < courseIds.length ; i ++ ) {
   public Collection getCourses() {
     return cart;
   public void empty() {

The EnrollmentCartEJB implements all the methods it defined in the EnrollmentCart interface. In addition, it implements callback methods to be implemented by any session bean.

The deployment descriptor for the enrollment cart session bean is specified as follows:


The deployment descriptor for a stateful session bean is similar to that of a stateless session bean except for the element session-type (which is stateful in this case).

Passivation and Activation

The EJB container creates a separate stateful bean instance for each new connected client. In large e-commerce applications, the number of clients connected concurrently to a web site can be in the thousands. This can have an adverse effect on performance when resources are used up. Passivation and activation are mechanisms that are provided by the EJB container to manage these valuable resources, such as memory, in order to reduce the number of stateful session bean instances required to service all concurrent clients.

Passivation is the mechanism by which the EJB container stores the bean's state into a back store, such as the file system or a database. The container starts passivation as soon as the number of allocated stateful session beans exceeds a certain threshold.

The passivation process serializes all non-transient member variables to a persistent store. After serializing the enterprise bean state, the EJB container calls the ejbPassivate() method on the instance. In this method, you would close any resources, such as sockets, JDBC connections that you are holding.

Activation, on the other hand, is the process of restoring the bean state from the back store. The EJB container activates a passivated instance when the bean's client decides to continue interactions with the bean instance. After restoring the bean's state, the EJB container calls the ejbActivate() method on the instance. In this method, you would open any resources you need to service the client, such as sockets, JDBC connections, and so on.

For example, you can specify the threshold (maximum number of beans in the cache) in the deployment descriptor for the WebLogic server as follows:


As new concurrent clients request the bean's services, WebLogic creates new instances of the bean. When the 1001st client requests the bean's services, the server passivates some of the idle beans (perhaps using an LRU [Least Recently Used] algorithm).


Passivation and activation are applicable only to stateful session beans and not to stateless session beans.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020