configure JSESSIONID

Hi,

I have seen in many application where after the url there is string appended "JSESSIONiD".
what are the steps to configure "JSESSIONID" in tomcat?
RockingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rrzCommented:
what are the steps to configure "JSESSIONID" in tomcat?
If the client does not allow a session cookie, then url rewriting can be used. Each link to your web app that is sent to the client must be encoded using HttpServletResponse's  encodeURL or encodeRedirectURL methods.  Please use this demonstration code. You can block cookies in Google's Chrome browser.  
<%
  String url = request.getContextPath() +  request.getServletPath();
  String encodedURL = response.encodeURL(url);
  if(session.getAttribute("numberOfRequests") == null)session.setAttribute("numberOfRequests", 0);
  session.setAttribute("numberOfRequests", (Integer)session.getAttribute("numberOfRequests") + 1); 
%>
The session id is ${pageContext.session.id}<br/>
Is the session new? ${pageContext.session['new']}<br/>
Did the client send the session id in the url? ${pageContext.request.requestedSessionIdFromURL}<br/>
Did the client send the session id in a cookie? ${pageContext.request.requestedSessionIdFromCookie}<br/>
URL of this page is <%=url%><br/>
Encoded URL is <%=encodedURL%> <br/>
Number of requests in this session is ${numberOfRequests}<br/>
Use the links below to refresh this page.<br/>
<a href="<%=url%>">Not encoded request</a>&nbsp;&nbsp;&nbsp;<a href="<%=encodedURL%>">Encoded request</a>

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
RockingAuthor Commented:
are there any configuration in server also for jsession id?
0
rrzCommented:
You could set the <session-timeout> in your web app's web.xml  .   But the session tracking mechanisms are built-in.
0
Cloud Class® Course: Microsoft Exchange Server

The MCTS: Microsoft Exchange Server 2010 certification validates your skills in supporting the maintenance and administration of the Exchange servers in an enterprise environment. Learn everything you need to know with this course.

RockingAuthor Commented:
I mean to say other than coding is there any way for configuring jsession id in tomcat?
0
rrzCommented:
What properties do you want to configure?  Are you talking about the tracking mechanisms?
0
RockingAuthor Commented:
yes
0
rrzCommented:
I mean to say other than coding is there any way for configuring jsession id in tomcat?
No. It is like I posted above here. Did you try my demonstration JSP? If you don't encode your links, then url rewriting won't work. If the client uses a session cookie, then Tomcat won't use url rewriting. When the session is new, Tomcat uses both because it doesn't know whether the client will accept the cookie. Please try my demonstration JSP.
0
RockingAuthor Commented:
If the client does not allow a session cookie
In case client allows cookie then what is the procedure?
0
rrzCommented:
In case client allows cookie then what is the procedure?
If the client allows a session cookie, then the programmer doesn't have to do anything to track the session. In a JSP, the session is automatically created. The programmer would have to purposely prevent creation of a session by adding session="false" to the page directive. A JSP can access the implicit variable named session.  In a Servlet, the programmer must purposely create the session. The HttpServletRequest class has methods to create and access  the session.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Servers

From novice to tech pro — start learning today.