-
1. Re: jsessionid
It is my understanding that if cookies are disabled on the browser, then the jsessionid appears in the URL. So if you want to get rid of jsession in the URL, the browser must allow cookies.
-
2. Re: jsessionid
That was my understanding. But that does seem to happen if you do a 302.
Look at dull headers output. You can see the cookie being set and the Location having the jsessionid.
Any idea why I'm getting both?
Thankshttp://www-mysite.com:8081/client GET /client HTTP/1.1 Host: www-mysite.com:8081 User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Found Location: http://www-mysite.com:8081/client/ Content-Length: 0 Server: Jetty(6.1H.5-beta) ---------------------------------------------------------- http://www-mysite.com:8081/client/ GET /client/ HTTP/1.1 Host: www-mysite.com:8081 User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 302 Found Location: http://www-mysite.com:8081/client/welcome.html;jsessionid=v4ak3v4narho Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: JSESSIONID=v4ak3v4narho;Path=/client Content-Length: 0 Server: Jetty(6.1H.5-beta) ---------------------------------------------------------- http://www-mysite.com:8081/client/welcome.html;jsessionid=v4ak3v4narho GET /client/welcome.html;jsessionid=v4ak3v4narho HTTP/1.1 Host: www-mysite.com:8081 User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive Cookie: JSESSIONID=v4ak3v4narho HTTP/1.x 200 OK Content-Type: text/html; charset=iso-8859-1 Expires: Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie: mysite=mysite Content-Language: en-US Content-Length: 1238 Server: Jetty(6.1H.5-beta) ---------------------------------------------------------- http://www-mysite.com:8081/favicon.ico GET /favicon.ico HTTP/1.1 Host: www-mysite.com:8081 User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 Accept: image/png,*/*;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 300 Connection: keep-alive HTTP/1.x 200 OK Content-Type: image/x-icon Content-Length: 1150 Last-Modified: Thu, 13 Sep 2007 23:13:45 GMT Server: Jetty(6.1H.5-beta) ----------------------------------------------------------
-
-
-
5. Re: jsessionid
If I recall correctly, on first access to a server app, the server sends both the jsessionid in url and the creation of the cookie. Then, if in subsequent requests the user sends the cookie, it doesn't put the jsessionid anymore for that session (unless you configure it for not using cookies). The first time does both because it doesn't know if the user has cookies enabled or not. Maybe it helps.