Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary. For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.
so it will solve your problem, please find a how to use in win java.com
just wonder, whenever i use encodeURL in my form action in a servlet page, the url of the return page will have the jsessionid, parameters etc.
However, I do not want to let people see the session id etc.
But i search net and was told that it was recommended to use encodeURL.
Whenever you use encodeURL for tracking session , then you will always find the jsessionid appended to the URL's.Please note that this is an alternate way to track session ,if your clients are not cookie enabled. If cookied are enabled then use HTTPSession to track session.That is easy ,untill your requirement is to do this using encodeURL.