Usually session is maintained using cookies, but there may be cases when developer can not rely on the availability of cookies(as cookies can be disabled in browsers). under such circumstances encodeURL() is used. This method first checks whether cookies are enabled on client browser or not. If cookies are disabled, than it appends jsessionid to the url, to uniquely identify the session. Following is the extract from servlet api docs. http://java.sun.com/products/servlet/2.3/javadoc/ encodeURL public java.lang.String encodeURL(java.lang.String url) Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary. For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.
String encodeRedirectURL(java.lang.String url) Encodes the specified URL for use in the sendRedirect method or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. Because the rules for making this determination can differ from those used to decide whether to encode a normal link, this method is seperate from the encodeURL method.
Prakash Dwivedi (SCJP2, SCWCD, SCBCD)
"Failure is not when you fall down, Its only when you don't get up again"