File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Component Certification (SCWCD/OCPJWCD) and the fly likes question about cookie jsessionid Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Web Component Certification (SCWCD/OCPJWCD)
Bookmark "question about cookie jsessionid" Watch "question about cookie jsessionid" New topic

question about cookie jsessionid

Amit Saini
Ranch Hand

Joined: Oct 20, 2004
Posts: 280
When exactly is the JSESSIONID cookie set on the browser?
I access my JSP page from a browser after clearning all of the browsers cookies. The JSP page contains only a text box and a submit button.
As soon as the jsp page loads, I can view the Jsessionid cookie being set on the browser.
Why is this so? I thought the cookie is set only when a response is returned to the client. In this case, I've not returned any response to the client from the servlet. In fact, I have not hit the servlet at all !
Where am I going wrong?
stan ioffe

Joined: Jun 30, 2005
Posts: 16
I think, (and i could be wrong ), your browser's cookies are disabled, thus, the URL is automatically re-written with an appended jsessionID.

Below is an extract from which is under "Session Tracking".
If cookies are turned off, the session is encoded in the Check Out URL as follows:

If cookies are turned on, the URL is simply
Amit Saini
Ranch Hand

Joined: Oct 20, 2004
Posts: 280
No, the browsers cookies are enabled. If they were not enabled, I wouldnt see the list of cookies when I click on View Cookies in Firefox.

I see no ?jessionid=xxxxxxxxxx in the URL which means URL writing is not being used.

As soon as I clear all the cookies in my Firefox and hit the JSP page and view the cookie list again, I immediately see a cookie called JSESSIONID.

Cant understand what the hell is going on !!
Wasted an hour on my job figuring this out !!

Anyone got any clue ?
Narendra Dhande
Ranch Hand

Joined: Dec 04, 2004
Posts: 951

When you access the JSP in browser, the session attribute of the page directive is true by default. so the session is created and activated by default when you access the page. If you want more testing you can set session attribute to false, so no new session is created or check if session is new in the JSP. I think the session.isNew() method will return always false for default JSP page setting as the session is always established when the page is accessed.

Hope it help you


Narendra Dhande
SCJP 1.4,SCWCD 1.4, SCBCD 5.0, SCDJWS 5.0, SCEA 5.0
Amit Saini
Ranch Hand

Joined: Oct 20, 2004
Posts: 280
Yes, that makes sense. Thanks for your help !
Indeed, session.isNew always kept returning false even when I accessed for the first time.
I agree. Here's the link:
subject: question about cookie jsessionid
It's not a secret anymore!