Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Remove jsessionid from URL

Tags:

I'm working on a project with the following technologies:

  • Spring
  • ShiroFilter
  • PrettyFaces
  • Tomcat server

While I'm deploying it on tomcat server, I'm getting a "JSESSIONID 456jghd787aa" added at the end of the URL.

I was trying to resolve this but I'm not able to do that.

like image 233
Cijo Avatar asked Jul 04 '12 10:07

Cijo


People also ask

How do I stop Jsessionid in URL?

Set sessionManager. sessionIdUrlRewritingEnabled = false to disable appending JSESSIONID to the URL. NOTE: if a user has disabled cookies, they will NOT be able to login if this is disable.

Why does URL show Jsessionid?

The JSESSIONID is used to ensure that loadbalancers properly route communications to and from the correct client/server partners. By default, Oracle Forms requests a JSESSIONID be generated and maintained in the URL of each exchange between the client and server.

How do I block Jsessionid?

You can use the tuckey rewrite filter. You can use disableURLRewriting in the context configuration to disable this behaviour.

Where is Jsessionid from?

JSESSIONID is a cookie generated by Servlet containers and used for session management in J2EE web applications for HTTP protocol. If a Web server is using a cookie for session management, it creates and sends JSESSIONID cookie to the client and then the client sends it back to the server in subsequent HTTP requests.


1 Answers

For tomcat 7 add this to web.xml

<session-config>   <!-- Disables URL-based sessions (no more 'jsessionid' in the URL using Tomcat) -->   <tracking-mode>COOKIE</tracking-mode> </session-config> 
like image 168
NimChimpsky Avatar answered Oct 11 '22 16:10

NimChimpsky