How to hide the jsessionid id in my address bar in servlet programming

Dear Sir,

In my servlet proggram

when i am click the link of ApplicationStatus.jsp in the address bar the url link is showing http://01hw173228:81/help/ApplicationStatus.jsp.

When i submit the request it will go to servelt page in the and the request address bar is showing
http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet;jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75

My doubt is when i submit it should showing http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet

Not to display jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75.

Could you please suggest me how will i hide the jsessionid id in my address bar.

Thanks in advance.

Regards
Sumanta Panda

If you get it on every request, then you need to enable the cookies in your webbrowser. Otherwise the server will be unable to track the client and thus maintain the session.

If you get it on very first request only, then you may add a Filter which does a redirect on HttpSession#isNew().

That jsessionid got written into the URL deliberately by the code that displayed the JSP where the link appeared.

Probably because that code detected that your browser is not allowing cookies.

Bill

Hi Sumanta,

To answer this question, I need to ask you another question. Is this your first request in the session ?

Generally, it happens when the cookies are disabled. But, however even if cookies are enabled, first request will need to send jsessionid because the server does not yet know if browser supports cookies or not. Only when the second request comes back with a cookie, the server will realize that client supports cookies.

So, this is expected behavior in the first request ( whether cookies are enabled or not). But, for second request onwards, it depends on whether cookies are enabled.

Please correct me if I am wrong.

Thanks,
Kenny Kuriakose
SCJP, SCWCD, SCBCD, SCEA - part 1

Dear William,
i need to show the url link in the address bar of the browser.
But here i am not passing any jession id.
ApplicationForm.action="<%=response.encodeURL("/servlet/customerserviceServlet.ApplicationStatusSevlet")%>";

Could you please let me know if thier is any method like encodeURL which will hide the jessionid.

Thanks in advance.
Regards
Sumanta Panda

sumanta, if you carefully read the posts above, its already mentioned that you dont append the jsesionid, its done by the server.

Sumanta if you don't want to append the jsessionid to the URL, then don't encode the URL. But as everyone is saying, in that case you will not be able to maintain session of clients who have cookies disabled in their browsers

Take a look at the docs for the encodeURL method.
http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String)

Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.

For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

Parameters:
url - the url to be encoded.
Returns:
the encoded URL if encoding is needed; the unchanged URL otherwise.