Discussions
Categories
- 196.8K All Categories
- 2.2K Data
- 235 Big Data Appliance
- 1.9K Data Science
- 449.9K Databases
- 221.6K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 549 MySQL Community Space
- 478 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 533 SQLcl
- 4K SQL Developer Data Modeler
- 186.9K SQL & PL/SQL
- 21.3K SQL Developer
- 295.5K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.2K Development Tools
- 104 DevOps
- 3.1K QA/Testing
- 645.9K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 154 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 17 Java Essentials
- 158 Java 8 Questions
- 85.9K Java Programming
- 79 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.2K Java SE
- 13.8K Java Security
- 203 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 402 LiveLabs
- 37 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.6K Other Languages
- 2.3K Chinese
- 171 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 230 Portuguese
jsessionId in URL
Hi,
I have few JSPs for which jsessionIds are getting appended in the URL, there are different ways to remove the jsessionId from the URL. What is the best possible solution. I am using weblogic. If the cookies are not enabled or cleared by the user , we need jsessionId for tracking , but if we remove jsessionId also then whether it will be a problem as there wont be any way to track the user (both cookie and session wont be there) ? Also for secure HTTPS url jsessionId is needed and will be created still by the container? Please clarify.
Thanks
Answers
-
I have few JSPs for which jsessionIds are getting appended in the URL, there are different ways to remove the jsessionId from the URL. What is the best possible solution.
DO NOTHING! That is usually the 'best' possible solution - especially when there is NO PROBLEM to be solved.
I am using weblogic. If the cookies are not enabled or cleared by the user , we need jsessionId for tracking , but if we remove jsessionId also then whether it will be a problem as there wont be any way to track the user (both cookie and session wont be there) ?
DO NOTHING!
None of what you said above indicates there is any problem. Therefore you do NOT need a 'solution'.
Also for secure HTTPS url jsessionId is needed and will be created
Why, then, would you want to remove it if it is 'needed'?
Please clarify.
Ok - if you think you have an issue or problem the standard process to follow is:
1. identify the issue/problem
2. identify solutions that will eliminate/mitigate the issue/problem
3. select a small number (2 or 3) of those possible solutions for testing
4. select the 'best' solution from those tested
Based ONLY on what you have posted you haven't done ANY of those steps.
In particular you haven't done step #1. There is NOTHING in what you have posted that even hints about any issue/problem you are facing.
-
The problem I am having is when Jsessionid is getting appended to the url, and when we select that URL it is throwing 404 error, hence I feel we need to remove the jsession I'd , also it having a security risk and SEO search not yielding proper results because of jsessionid. Pls tell me how we can remove it, if it is removed and cookie is disabled what is the impact, if we use https then whether jsessionid secure cookie will be created?