URL rewriting means to encode the session ID in all URLs that are generated in the pages created by a web app. It's the same ID that otherwise would be stored and transferred in a cookie. It has the drawback that all URLs need to be generated via the HttpServletResponse.encodeURL method.
Thanks for your answer.But,i am not understanding how i know the
session id to encode in the url.So,please give me a small programme about
this topic.I did not understand how the client manages session traking
using this technique,so please give me a small code to me.
You don't encode the session ID in an URL - that's what the call to encodeURL does. The client (browser in this case) has nothing to do with session handling - it's all done by the servlet container.
Why don't you test it by writing a servlet that generates a page containing a link to itself (and creates a session if none exists), turn off cookies in your browser, go to that page, click the link, and see what happens.
In the future, please use the forum for follow-ups, so that everyone can see it. That's what they're there for.
[ March 03, 2007: Message edited by: Ulf Dittmer ]
how the server knows the request is from the same client on this technique.
Considering the following two cases for the very first request from the web browser to the web container,
a. If the browser supports cookie, the cookie info will be included in the HttpServletRequest. The web container would know who the requestor was. For subsequence request, the container may continue using cookie (or it may use sessionid) to detect the requestor.
b. If cookie is not supported, the web container will have no idea who the requestor was. For subsequence request, the container would depend on jsessionid (which generated by HttpServletResponse.encodeURL)to identify the requestor.
In both cases after the first request, the web container can use sessionid to identify the requestor.
[ March 04, 2007: Message edited by: vu lee ]
yeah...lee is absolutely right. The encodeURL(), will change your normal http URL to <url>?jsessionid=2089718#...For an example, "www.amazon.com" woulds be changed to "www.amazon.com?jsessionid='2089718#'". The servlet container, needs session id either though the HttpSession/Cookie/URL rewriting, to understand the client's session/session's validity. In this case, jsessionid will give you the session tracking key.