Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes Servlets and the fly likes How to hide  the jsessionid id in my address bar in servlet programming Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "How to hide  the jsessionid id in my address bar in servlet programming" Watch "How to hide  the jsessionid id in my address bar in servlet programming" New topic
Author

How to hide the jsessionid id in my address bar in servlet programming

sumanta panda
Ranch Hand

Joined: Jun 23, 2008
Posts: 224
Dear Sir,

In my servlet proggram

when i am click the link of ApplicationStatus.jsp in the address bar the url link is showing http://01hw173228:81/help/ApplicationStatus.jsp.

When i submit the request it will go to servelt page in the and the request address bar is showing
http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet;jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75


My doubt is when i submit it should showing http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet

Not to display jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75.






Could you please suggest me how will i hide the jsessionid id in my address bar.

Thanks in advance.

Regards
Sumanta Panda
Bauke Scholtz
Ranch Hand

Joined: Oct 08, 2006
Posts: 2458
If you get it on every request, then you need to enable the cookies in your webbrowser. Otherwise the server will be unable to track the client and thus maintain the session.

If you get it on very first request only, then you may add a Filter which does a redirect on HttpSession#isNew().
William Brogden
Author and all-around good cowpoke
Rancher

Joined: Mar 22, 2000
Posts: 12835
    
    5
That jsessionid got written into the URL deliberately by the code that displayed the JSP where the link appeared.

Probably because that code detected that your browser is not allowing cookies.

Bill
Kenny Kuriakose
Greenhorn

Joined: Nov 20, 2006
Posts: 7
Hi Sumanta,

To answer this question, I need to ask you another question. Is this your first request in the session ?

Generally, it happens when the cookies are disabled. But, however even if cookies are enabled, first request will need to send jsessionid because the server does not yet know if browser supports cookies or not. Only when the second request comes back with a cookie, the server will realize that client supports cookies.

So, this is expected behavior in the first request ( whether cookies are enabled or not). But, for second request onwards, it depends on whether cookies are enabled.

Please correct me if I am wrong.

Thanks,
Kenny Kuriakose
SCJP, SCWCD, SCBCD, SCEA - part 1
sumanta panda
Ranch Hand

Joined: Jun 23, 2008
Posts: 224
Dear William,
i need to show the url link in the address bar of the browser.
But here i am not passing any jession id.
ApplicationForm.action="<%=response.encodeURL("/servlet/customerserviceServlet.ApplicationStatusSevlet")%>";

Could you please let me know if thier is any method like encodeURL which will hide the jessionid.

Thanks in advance.
Regards
Sumanta Panda
Amit Ghorpade
Bartender

Joined: Jun 06, 2007
Posts: 2718
    
    6

sumanta, if you carefully read the posts above, its already mentioned that you dont append the jsesionid, its done by the server.


SCJP, SCWCD.
|Asking Good Questions|
Ankit Garg
Sheriff

Joined: Aug 03, 2008
Posts: 9321
    
  17

Sumanta if you don't want to append the jsessionid to the URL, then don't encode the URL. But as everyone is saying, in that case you will not be able to maintain session of clients who have cookies disabled in their browsers


SCJP 6 | SCWCD 5 | Javaranch SCJP FAQ | SCWCD Links
Ben Souther
Sheriff

Joined: Dec 11, 2004
Posts: 13410

Take a look at the docs for the encodeURL method.
http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String)



Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.

For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

Parameters:
url - the url to be encoded.
Returns:
the encoded URL if encoding is needed; the unchanged URL otherwise.


Java API J2EE API Servlet Spec JSP Spec How to ask a question... Simple Servlet Examples jsonf
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: How to hide the jsessionid id in my address bar in servlet programming