Servlet Interview Questions and Answers for 2025

Servlet filter is an object invoked at the preprocessing and postprocessing of a request. We need servlet filters for the following reason:

• Logging: Servlet filters are used to Log the request parameter to Log files. 
• Authentication: Servlet filters are used to authenticate the request received and for the response data. 
• Authorization: Authorization and Authentication works the same way with Servlet filters. 
• Formatting: Formatting of the request body/header before sending it to the servlet is handled by Servlet filters. 
• Compressing: Servlet filters compress the data which needs to be sent as a response to the client. 
• It also helps in changing the response by adding header information as well as cookies.   

<load-on-startup>1</load-on-startup>

The load-on-startup xml tag will be written in the web.xml file. Whenever we send a request for a servlet, the servlet gets placed, then the servlet container will initialize the servlet and load it.  

This process is defined in our config file called web.xml. But, by default, container will not initialize the servlet, when the context is loaded. This can be achieved by defining the servlet in a pre-initialization procedure syntax <load-on-startup>1</load-on-startup>. Then, the servlet that we have defined in the above tag will be initialized at the start when the context gets loaded before even getting the request. 

The code to write a Hello World Program using Servlets is as follows:

import java.io. *; 
import javax.servlet.*; 
import javax.servlet.http.*; 
public class HelloWorld extends HttpServlet { 
      private String message; 
      public void init() throws ServletException { 
             message = "Hello World"; 
      } 
      public void doGet(HttpServletRequest request, HttpServletResponse response) 
      throws ServletException, IOException { 
             response.setContentType("text/html"); 
             PrintWriter out = response.getWriter(); 
             out.println("<h1>" + message + "</h1>");  
      }  
      public void destroy () {  
      }  
} 

MIME type stands for Multipurpose Internet Mail Extensions, the main purpose of MIME type is to tell the user which type of response content we will be using. It gives information to the client that what type of data it is sending, it can be HTML form or XML form, or text type. So, it will be easier for the receiver to manipulate based on the type of data they are receiving. Some of the most used MIME types are text/HTML, text/ML, and application/XML and many more. 

We can use ServletContext getMimeType() method to get the correct MIME type of the file and use it to set the response content type. It is especially useful in downloading a file through servlet from the server. 

Servlet containers are also known as web containers, for example: JBoss, Tomcat etc. 

Some of the important tasks of servlet container are: 

• Communication Support: The containers of the servlets provide a flexible way of interaction between the application browser that is the client side and with JSP and servlets. As servlet provides built-in containers we do not have to manage or build socket listeners for handling the web requests from the client application.  
• Lifecycle and Resource Management: Servlet containers also play a key role in the life cycle of a servlet by managing all the input request and output responses. It controls the application from loading of servlet to memory, initializing the servlet using init (), invoking the service () and finally invocation of destroy () it will manage. The servlet container also provides Java Naming Directory Interface i.e., JNDI support for functionality management and resource pooling.  
• Miscellaneous Task: The resource pool of the servlet application, memory optimizations, handling garbage collection, security management and its configurations, hot deployment all these tasks can be handled alone by the servlet container.  

When servlet container receives client request, it invokes the service () method which in turn invokes the doGet(), doPost() methods based on the HTTP method of request. The whole purpose of service () method is to forward the request to corresponding HTTP method for implementation. In case, if we want to do some pre-processing of request, we can go for servlet filters and listeners.

HttpServlet init() method and destroy() method are called only once in the servlet life cycle, so we do not need to worry about their synchronization. But the service methods such as doGet() or doPost() will be called for every client request. Since servlet uses multithreading concept, we should provide thread safety in these methods.  

If there are any local variables in service methods, we do not need to worry about their thread-safety because they are specific to each thread but if we have a shared resource then we can use synchronization to achieve thread-safety in servlets when working with shared resources. The thread safety mechanisms are like thread safety in standalone java application.  

These types of questions one can also expect in java servlet interview questions and answers for experienced level because it holds the concepts of both Java and servlet. 

An abstract class is nothing but hiding the implementation details and providing only the functionality to the end user. 

In case of HttpServlet, HttpServlet class provides a HTTP protocol implementation of servlet, but it is defined as an abstract class because there is no implementation logic in vice() methods such as doGet() and doPost() and we should override at least one of the service methods. That is why there is no point in having an instance of HttpServlet and it is declared an abstract class.  

A staple in Java Servlet interview questions be prepared to answer this one. Consider a scenario where we must initialize some resources before our servlet processes client requests. Then we should override the init() method.  

If we override init(ServletConfig config) method, then the first statement should be super(config) to make sure the superclass init(ServletConfig config) method is invoked first.  

That is why GenericServlet provides another helper init() method without argument that gets called at the end of init(ServletConfig config) method. We should always utilize this method for the overriding init() method to avoid any issues as we may forget to add super() call in overriding init() method with ServletConfig argument. 

 The GET and the POST methods are known as the HTTP methods of web applications. The major difference between these Get and post methods are:  

1. GET i.e., get () is safe and are idempotent. Whereas POST i.e., post () are non-idempotent methods and considered not safe. 
2. Using get () method we can send only limited data and these data are sent in the header request URL, but in terms of post (), we can send large amount of data and the data is sent as a part of request body. 
3. In terms of security, get () method is not secure, as the data is exposed in the header URL so user can easily bookmark the request and can send the same request back-to-back, when it comes to post (), it is more secure because the data is sent as a part of request body, and it is not possible to bookmark post () request. 
4. The default HTTP method is gotten (), whereas for post () we need to specify. 

Example forget () is the hyperlinks used in the application pages. 

The ServletConfig which is present in javax.servlet.ServletConfig package, is used to pass configuration information to the servlet. Every servlet has its own ServletConfig object. For instantiation of ServletConfig object is handled by servlet container. We can specify the parameters in web.xml file or we can also mention using annotation that is @webInitParam(). Also, ServletConfig provides getServletConfig() method to get the object of ServletConfig from the servlet.

The ServletContext is present in javax.servlet.ServletContext package. This package provides access to the parameters of servlet application. The ServletContext is known to be the unique object which can be accessible by all the servlet based, web applications.  

Consider a case, where we want to call init() to all our servlet application or it could be a multiple init() method call scenario, in such cases we can go for ServletContext object then we can define respected parameters in the web.xml file using the xml element <context-param>. 

To access ServletContext object we can call getServletContext() method of ServletConfig. It also provides context objects which are unique for handling group of servlets and are tied to the specific part of the URL. 

ServletContext also provides some utility functions some of them are getMimeType() method, getResourceAsStream() method etc. Also, it has been enhanced with its features in Specs 3, so we can add servlet listeners, servlet filters programmatically to the application. 

Let us understand the differences between ServletConfig and ServletContext: 

1. ServletConfig creates a unique object per servlet whereas ServletContext is a unique object for the entire application. 
2. ServletConfig is used to provide the init() configuration and parameters to the servlet, whereas ServletContext is used to provide application level init() method parameters, so these parameters can be accessed by all other servlets used in the application. 
3. In terms of ServletConfig we cannot set attributes externally, but in ServletContext we can set attributes so the existing or new servlets can be used for their implementation.  

Servlet Wrapper classes are nothing but HTTP API's. They provide two wrapper classes they are, HttpServletRequestWrapper and HttpServletResponseWrapper. These wrapper classes are used to provide support to the developers in writing custom implementation of the servlet request and response types. We can also extend these classes and override specific methods needed to implement custom request object and response object. Also, these Servlet wrapper classes are not used in general servlet programming.

Servlet Chaining is a way where the output of one servlet is piped to the input of another servlet, and the output of that servlet can be piped to the input of yet another servlet and so on. Each servlet in the pipeline can either change or extend the incoming request. The response is returned to the browser from the last servlet within the servlet chain.  

In the middle, the output out of each servlet is passed as the input to the next servlet, so every servlet within the chain has an option to either change or extend the content. The figure below represents this. Servlets can help in creating content via servlet chaining. 

This question is a regular feature in Servlet Interview Questions, be ready to tackle it. It is standard to have a single servlet instance for each registered name of the servlet. However, instead of this, it is also possible for a servlet to choose to have a pool of instances created for each of its names that all share the task of handling requests. These servlets indicate this action by implementing the javax.servlet.SingleThreadModel interface. 

According to the Servlet API documentation, a server loading the SingleThreadModel servlet should guarantee, “that no two threads will execute concurrently the service method of that servlet.” Each thread uses a free servlet instance from the pool to achieve this. Therefore, any servlet using the SingleThreadModel isn’t needed to synchronize usage to its instance variables and is considered thread-safe. 

Let us know the major differences between ServletConfig and ServletContext below: 

Syntax for ServletConfig: 

public ServletConfig getServletConfig();  
Example of ServletConfig: ServletConfig config=getServletConfig(); 

Syntax for ServletContext: 

public ServletContext getServletContext(); 
Example for ServletContext: ServletContext application=getServletContext(); 

The public service method converts the ServletRequest object into the HttpServletRequest type and ServletResponse object into the HttpServletResponse type. Then, call the service method passing these objects. The internal code is as below:

public void service (ServletRequest req, ServletResponse res) throws ServletException, IOException  {   
           HttpServletRequest request;   
HttpServletResponse response;   
            try   
    {   
            request = (HttpServletRequest)req;   
            response = (HttpServletResponse)res;   
        }   
        catch(ClassCastException e)   
        {   
            throw new ServletException("non-HTTP request or response");   
        }   
        service (request, response);   
    }   

Exception Handling is mechanism, where it disturbs the normal flow of the application. In case of servlets, it internally calls the doGet() and doPost() methods and these methods will throw ServletException and IOException. But the exceptions can only be handled in the backend code and the browser does not understand these exceptions.  

So, when an exception is thrown by the application, then the servlet container processes the exception internally and generates the HTML pages by sending HTTP code like 404, 500 based on the exception. 

In servlets, to handle the programming exceptions, servlets API supports customized exceptions and error handling servlets which we can configure in the deployment descriptor. This deployment descriptor helps in sending the response in the form HTML pages with appropriate error page so user can understand what went wrong. 

The Web.XML configuration is as follows: 

<error-page> 
    <error-code>404</error-code> 
    <location>/AppExceptionHandler</location> 
</error-page> 
<error-page> 
    <exception-type>javax.servlet.ServletException</exception-type> 
    <location>/AppExceptionHandler</location> 
</error-page> 

Java application runs from the main () method, but in terms of servlet, it does not have a main () method instead of that is has servlet web containers. The web container receives the request from the client and then sends back the response using the appropriate servlet.

Yes, we can refresh a servlet automatically in a few ways. One such way is to add "Refresh” response header, which contains the number of seconds after which the refresh should occur. Below example shows how refresh can be triggered:

import java.io.IOException; 
import java.io.PrintWriter; 
import java.util.Date; 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
  
public class TestServlet extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet { 
      private static final long serialVersionUID = 1L; 
      protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { 
            performTask(request, response); 
      } 
      protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, 
      IOException { 
            performTask(request, response); 
      } 
      private void performTask(HttpServletRequest request, HttpServletResponse response) throws ServletException, 
      IOException { 
            response.setContentType("text/html"); 
            response.addHeader("Refresh", "5"); 
            PrintWriter out = response.getWriter(); 
            out.println("TestServlet says hi at " + new Date()); 
      } 
} 

 Let us understand the differences between sendRedirect() and forward()  

• sendRedirect(): sendRedirect() method is defined in HttpServletResponse Interface. 

The syntax for the sendRedirect() method is as follows: 

void sendRedirect(String URL) 

This method redirects the request received from the client and sends it to different servers or context. These scenarios are handled by web containers. The web containers transfer the request using the browser as a new request. The process is called client-side redirect. 

• forward (): forward () method is defined in the RequestDispatcher Interface. 

The syntax for the forward() method is as follows: 

forward(ServletRequest request, ServletResponse response) 

The forward() method processes the request within the same server and then passes it to servlets or jsp files. It is handled by Web container. When the forward() method is called, the request is sent to other resource and the information related to client is mentioned in the requestDispatcher object either using ServletContext or request. 

The service() method is said to be the starting point of the servlet application as how we have main() method in java. The service() method is called by the servlet container to handle the requests coming from the client/browsers and it sends the required response based on the request.  

For every request, the server creates a new thread and then calls the service() method. Then the service() checks the HTTP request type and sends it to the respective method. 

Example:

public void service(ServletRequest request, ServletResponse response) 
throws ServletException, IOException{ 
} 

The container calls the service() method and service method invokes doGet(), doPost(), doPut(), doDelete(), methods as needed. And we must override either doGet(s) or doPost() depending on the client-side request.  

Cookie can be created using the following steps: 

Step 1: Creating a Cookie object 

First, call the Cookie constructor using cookie name and cookie value of datatype String. The symbols ([] () =,” /? @: ;) should be taken care of while declaring name and values. 

Cookie cookie = new Cookie ("key", "value"); 

Step 2: Setting the maximum age 

We can use setMaxAge to specify how long the cookie should be valid. Example the following code is to set up a cookie for 24 hours. 

cookie.setMaxAge(60*60*24); 

Step 3: Sending the Cookie into the HTTP response headers 

We can also send cookie in the response header using response.addCookie  

Example:  response.addCookie(cookie); 

Servlet reloading may appear to be a simple feature, but it is quite a trick and requires quite a hack. The objects in ClassLoader are developed to load a class just once. To solve this limitation and to load servlets multiple times, servers use custom class loaders. These custom class loaders load servlets from the default servlets directory. 

When a server dispatches a request to a servlet, it first checks if the servlet’s class file has changed on disk. If the change appears, then the server abandons the class that the loader used to load the old version and then creates a new instance of the custom class loader to load the new version. Old servlet versions can stay in memory indefinitely, but the old versions are not used to handle any more requests.

In the below example, we are storing the username in the cookie object and then referring it using another servlet. As we know each session differs for each user. So, if we try to access the user data from other browsers using different values, we will get a different output.  

Index.html 

<form action="servlet1" method="post">   
         Name:<input type="text" name="userName"/><br/>   
        <input type="submit" value="go"/>   
</form>

FirstServlet.java

import java.io.*;   
import javax.servlet.*;   
import javax.servlet.http.*;   
public class FirstServlet extends HttpServlet {   
  public void doPost(HttpServletRequest request, HttpServletResponse response){   
    try {   
    response.setContentType("text/html");   
    PrintWriter out = response.getWriter();            
    String n=request.getParameter("userName");   
    out.print("Welcome "+n);   
    Cookie ck=new Cookie("uname",n);//creating cookie object   
    response.addCookie(ck);//adding cookie in the response   
    //creating submit button   
    out.print("<form action='servlet2'>");   
    out.print("<input type='submit' value='go'>");   
    out.print("</form>");          
    out.close();  
        }catch(Exception e){System.out.println(e);}   
  }   
} 

SecondServlet.java 

import java.io.*;   
import javax.servlet.*;   
import javax.servlet.http.*;   
public class SecondServlet extends HttpServlet {   
public void doPost(HttpServletRequest request, HttpServletResponse response){   
    try{   
    response.setContentType("text/html");   
    PrintWriter out = response.getWriter();   
    Cookie ck[]=request.getCookies();   
    out.print("Hello "+ck[0].getValue());   
    out.close();   
         }catch(Exception e){System.out.println(e);}   
    }     
} 

Web.xml

<web-app>   
<servlet>   
<servlet-name>s1</servlet-name>   
<servlet-class>FirstServlet</servlet-class>   
</servlet>    
<servlet-mapping>   
<servlet-name>s1</servlet-name>   
<url-pattern>/servlet1</url-pattern>   
</servlet-mapping>   
<servlet>   
<servlet-name>s2</servlet-name>   
<servlet-class>SecondServlet</servlet-class>   
</servlet>     
<servlet-mapping>   
<servlet-name>s2</servlet-name>   
<url-pattern>/servlet2</url-pattern>   
</servlet-mapping>   
</web-app>   

We can define a constructor for servlet, but I don't think it is of any use because we won't be having access to the ServletConfig object until unless servlet is initialized by the container. Ideally, if we must initialize any resource for the servlet, we should override init() method where we can access servlet init parameters using ServletConfig object.

Servlet attributes are used for inter-servlet communication, we can set, get, and remove attributes in web application. There are three scopes for servlet attributes – request scope, session scope and application scope. ServletRequest, HttpSession, and ServletContext interfaces provide methods to get/set/remove attributes from request, session, and application scope, respectively. Servlet attributes are different from init parameters defined in web.xml for ServletConfig or ServletContext.

Below are the steps to be followed while creating JDBC connection:

First, import JDBC packages, Register the JDBC driver class: After importing the packages, we must register the driver class, so the JVM loads the desired Driver implementation into memory. We can use java's forName() method to register the driver class into memory. And this method invokes and registers the driver automatically.

try { 
     Class.forName("oracle.jdbc.driver.OracleDriver"); 
} 
catch(ClassNotFoundException ex) 
       System.out.println("Error: unable to load driver class!"); 
       System.exit(1); 
} 

The second approach to register a driver is to use the static registerDriver()method.

try { 
      Driver userDriver= new oracle.jdbc.driver.OracleDriver(); 
      DriverManager.registerDriver( userDriver); 
} 
catch(ClassNotFoundException ex){ 
      System.out.println("Error: unable to load driver class!"); 
      System.exit(1); 
} 

After loading the driver, we can establish connection to the Driver Manager using DriverManager.getConnection() method −

• getConnection(String url)
• getConnection(String url, Properties prop)
• getConnection(String url, String user, String password)

Create a connection object

Now we can create a connection using the database URL, username, and password and, we can use properties object.

Close Connection:

Finally, to end the database session, we must close all the database connections. If closing the connection is not handled by the development team, Java’s garbage collector will close the connection.

conn.close();