Forum Stats

  • 3,817,470 Users
  • 2,259,339 Discussions
  • 7,893,789 Comments

Discussions

jsessionId in URL

User_19BPU
User_19BPU Member Posts: 1,086 Blue Ribbon
edited Oct 28, 2017 5:11AM in Java Programming

Hi,

I have few JSPs for which jsessionIds are getting appended in the URL, there are different ways to remove the jsessionId from the URL. What is the best possible solution. I am using weblogic. If the cookies are not enabled or cleared by the user , we need jsessionId for tracking , but if we remove jsessionId also then whether it will be a problem as there wont be any way to track the user (both cookie and session wont be there) ? Also for secure HTTPS url jsessionId is needed and will be created still by the container? Please clarify.

Thanks

handat

Answers

  • Unknown
    edited Oct 27, 2017 12:05PM
    I have few JSPs for which jsessionIds are getting appended in the URL, there are different ways to remove the jsessionId from the URL. What is the best possible solution.

    DO NOTHING! That is usually the 'best' possible solution - especially when there is NO PROBLEM to be solved.

    I am using weblogic. If the cookies are not enabled or cleared by the user , we need jsessionId for tracking , but if we remove jsessionId also then whether it will be a problem as there wont be any way to track the user (both cookie and session wont be there) ?

    DO NOTHING!

    None of what you said above indicates there is any problem. Therefore you do NOT need a 'solution'.

    Also for secure HTTPS url jsessionId is needed and will be created 

    Why, then, would you want to remove it if it is 'needed'?

    Please clarify.

    Ok - if you think you have an issue or problem the standard process to follow is:

    1. identify the issue/problem

    2. identify solutions that will eliminate/mitigate the issue/problem

    3. select a small number (2 or 3) of those possible solutions for testing

    4. select the 'best' solution from those tested

    Based ONLY on what you have posted you haven't done ANY of those steps.

    In particular you haven't done step #1. There is NOTHING in what you have posted that even hints about any issue/problem you are facing.

    handat
  • User_19BPU
    User_19BPU Member Posts: 1,086 Blue Ribbon
    edited Oct 28, 2017 5:11AM

    The problem  I am having is when Jsessionid is getting appended to the url, and when we select that URL it is throwing 404 error, hence I feel we need to remove the jsession I'd , also it having a security risk and SEO search not yielding proper results because of jsessionid. Pls tell me how we can remove it, if it is removed and cookie is disabled what is the impact, if we use https then whether jsessionid secure cookie will be created?

This discussion has been closed.