The javadocs say:
The request context is destroyed:
- at the end of the servlet request, after the service() method, all
doFilter() methods, and all requestDestroyed() and onComplete()
The session context is destroyed when the HTTPSession times out, after all
HttpSessionListeners have been called, and at the very end of any request in
which invalidate() was called, after all filters and ServletRequestListeners
have been called.
Those definitions are different.
The session context rule seems to be a combination of "or" items that
include some "and" items. It's difficult to parse. It would be clearer
if it was written as a list. And, like request scoped, it would be clearer
if it described when the session scope/context is created.
- is related to
CDI-405 Reword the description of @RequestScoped and @ApplicationScoped in section 2.4.1