• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

How to hide the jsessionid id in my address bar in servlet programming

 
Ranch Hand
Posts: 224
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear Sir,

In my servlet proggram

when i am click the link of ApplicationStatus.jsp in the address bar the url link is showing http://01hw173228:81/help/ApplicationStatus.jsp.

When i submit the request it will go to servelt page in the and the request address bar is showing
http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet;jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75


My doubt is when i submit it should showing http://01hw173228:81/servlet/customerserviceServlet.ApplicationStatusSevlet

Not to display jsessionid=D9D00D2A2C7D55901DCFFF992B8F8E75.






Could you please suggest me how will i hide the jsessionid id in my address bar.

Thanks in advance.

Regards
Sumanta Panda
 
Ranch Hand
Posts: 2458
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you get it on every request, then you need to enable the cookies in your webbrowser. Otherwise the server will be unable to track the client and thus maintain the session.

If you get it on very first request only, then you may add a Filter which does a redirect on HttpSession#isNew().
 
Author and all-around good cowpoke
Posts: 13078
6
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
That jsessionid got written into the URL deliberately by the code that displayed the JSP where the link appeared.

Probably because that code detected that your browser is not allowing cookies.

Bill
 
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Sumanta,

To answer this question, I need to ask you another question. Is this your first request in the session ?

Generally, it happens when the cookies are disabled. But, however even if cookies are enabled, first request will need to send jsessionid because the server does not yet know if browser supports cookies or not. Only when the second request comes back with a cookie, the server will realize that client supports cookies.

So, this is expected behavior in the first request ( whether cookies are enabled or not). But, for second request onwards, it depends on whether cookies are enabled.

Please correct me if I am wrong.

Thanks,
Kenny Kuriakose
SCJP, SCWCD, SCBCD, SCEA - part 1
 
sumanta panda
Ranch Hand
Posts: 224
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear William,
i need to show the url link in the address bar of the browser.
But here i am not passing any jession id.
ApplicationForm.action="<%=response.encodeURL("/servlet/customerserviceServlet.ApplicationStatusSevlet")%>";

Could you please let me know if thier is any method like encodeURL which will hide the jessionid.

Thanks in advance.
Regards
Sumanta Panda
 
Bartender
Posts: 2856
10
Firefox Browser Fedora Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
sumanta, if you carefully read the posts above, its already mentioned that you dont append the jsesionid, its done by the server.
 
Sheriff
Posts: 9707
43
Android Google Web Toolkit Hibernate IntelliJ IDE Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sumanta if you don't want to append the jsessionid to the URL, then don't encode the URL. But as everyone is saying, in that case you will not be able to maintain session of clients who have cookies disabled in their browsers
 
Sheriff
Posts: 13411
Firefox Browser VI Editor Redhat
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Take a look at the docs for the encodeURL method.
http://java.sun.com/j2ee/1.4/docs/api/javax/servlet/http/HttpServletResponse.html#encodeURL(java.lang.String)



Encodes the specified URL by including the session ID in it, or, if encoding is not needed, returns the URL unchanged. The implementation of this method includes the logic to determine whether the session ID needs to be encoded in the URL. For example, if the browser supports cookies, or session tracking is turned off, URL encoding is unnecessary.

For robust session tracking, all URLs emitted by a servlet should be run through this method. Otherwise, URL rewriting cannot be used with browsers which do not support cookies.

Parameters:
url - the url to be encoded.
Returns:
the encoded URL if encoding is needed; the unchanged URL otherwise.

 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic