Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

jsessionid is occurred in all urls which are generated by jstl <c:url..> tag

Tags:

jsp

jstl

jsessionid

I've got some strange bug: when I open page first time in some browser all references has jsessionid parameter (like <a href="/articles?name=art&jsessionid=5as45df4as5df"..>).

When I press F5 or refresh the page by any other ways all that stuff is disappeared and everything works fine until I close my browser (and all tabs should be closed too). When I open it again I see this strange jsessionid parameter.

I use jstl <c:url..> tag for creating all URLs.

I've read some time ago that jsessionid is an alternative to cookies if cookies are disabled, but cookies are enabled and I actually don't use cookies.

like image 574
Roman Avatar asked Jun 25 '09 19:06

Roman

People also ask

How do I stop Jsessionid in URL?

Set sessionManager. sessionIdUrlRewritingEnabled = false to disable appending JSESSIONID to the URL. NOTE: if a user has disabled cookies, they will NOT be able to login if this is disable.

Why does URL show Jsessionid?

The JSESSIONID is used to ensure that loadbalancers properly route communications to and from the correct client/server partners. By default, Oracle Forms requests a JSESSIONID be generated and maintained in the URL of each exchange between the client and server.

How is Jsessionid generated?

JSESSIONID is a cookie generated by Servlet containers and used for session management in J2EE web applications for HTTP protocol. If a Web server is using a cookie for session management, it creates and sends JSESSIONID cookie to the client and then the client sends it back to the server in subsequent HTTP requests.

1 Answers

This isn't a bug, it's by design. When a new session is created, the server isn't sure if the client supports cookies or not, and so it generates a cookie as well as the jsessionid on the URL. When the client comes back the second time, and presents the cookie, the server knows the jsessionid isn't necessary, and drops it for the rest of the session. If the client comes back with no cookie, then the server needs to continue to use jsessionid rewriting.

You may not explicitly use cookies, but you do implicitly have a session, and the container needs to track that session.

like image 135
skaffman Avatar answered Oct 03 '22 12:10

skaffman
Sign in to Comment

Related questions

Include JSTL dependency with Maven
how to get the base url from jsp request object?
JSTL iterate over list of objects
Where is the "work" directory located for a Tomcat instance running in Eclipse?
Highcharts :Uncaught TypeError: $(...).highcharts is not a function
Multiple submit buttons in the same form calling different Servlets
Static Final Long serialVersionUID = 1L [duplicate]
Java EE 6: JSF vs Servlet + JSP. Should I bother learning JSF?
Format Date with fmt:formatDate JSP
How do I round a number in JSTL?
_jspService is exceeding the 65535 bytes limit
Google App Engine JSP can't deploy: java.lang.RuntimeException: Cannot get the System Java Compiler. Please use a JDK, not a JRE
simple error due to use of double quotes in a jsp file
Expression Language in JSP not working [duplicate]
Get all parameters from JSP page
Use JS variable to set the src attribute for <script> tag
difference between eq and == in JSP
OpenID Java [closed]
JSP vs Velocity what is better?
Using for loop inside of a JSP

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!