jBoss uses a cookie by default to track the session. Most servers (jBoss included?) automatically switch from using a cookie to using URL rewrite if the user disables cookies in the browser.
I am being told by people in our team that jBoss does not do this, but it doesn't sound right. So...
Does jBoss automatically switch to URL rewrite for the session?
Or, perhaps it is necessary to turn on this feature in a configuration item?
If for some reason URL rewrite is not supported at all for the session ID, may I suggest that it would be a good idea for a future release, unless there is a specific reason (security?) to not support it.