File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes jsessionid Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "jsessionid " Watch "jsessionid " New topic


Sharma Anjali
Ranch Hand

Joined: Feb 22, 2005
Posts: 63
Page 266 Ques 5 HF

Which statements abt session tracking are true

Option given as correct is

D. When using cookies for session tracking , the name of the session tracking cookie must be JSESSIONID

But in Page 237 its given (In last A: )
And while tomcat adds "jsessionid=" in the rewritten url another vendor might append only session id itself.

Does this mean for cookies "JSESSIONID" is defined by spec and for url rewriting jsessionid is vendor specific?
Danny Vittal

Joined: Feb 24, 2005
Posts: 10
When the cookies are disabled in the client side, session id must be included as one of the parameters in the URL to do session handling and the parameter name must be "jsessionid" (as defined in the spec).
To achieve this, we use encodeRedirectURL(url) or encodeURL(url) methods in the HttpServletResponse interface. The passed url string will be modified if encoding is required or returns the url unchanged if not. The implementation of these two methods are vendor specific, but the intention of these methods are to add the jsessionid as one of the parameter to the given url. The way jsessionid added to the url can be vendor specific, the only restriction is the name of the parameter should be "jsessionid".
I hope you are satisfied with the explanation.

I agree. Here's the link:
subject: jsessionid
It's not a secret anymore!