• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

jsessionId in the URL throwing error page

 
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi,

I have few JSPs for which jsessionIds are getting appended in the URL, there are different ways to remove the jsessionId from the URL. What is the best possible solution. I am using weblogic. If the cookies are not enabled or cleared by the user , we need jsessionId for tracking , but if we remove jsessionId also then whether it will be a problem as there wont be any way to track the user (both cookie and session wont be there) ? Also for secure HTTPS url jsessionId is needed? and will be created still by the container? Please clarify.

Thanks
 
Rithanya Laxmi
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Experts any update on this?
 
Ranch Hand
Posts: 376
2
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hello,

I don't understand the whole picture.

You want to remove jsessionid, but still track a web session ?

Regards,

Germán

 
German Gonzalez-Morris
Ranch Hand
Posts: 376
2
Eclipse IDE Firefox Browser Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Anyway, you can use cookies instead, and this must be configured in weblogic.xml

https://docs.oracle.com/middleware/1212/wls/WBAPP/weblogic_xml.htm#r14c1-t9

 
Rithanya Laxmi
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, if i enable the cookies in weblogic.xml, if the user clears the cookie in his browser what will happen? whether still the Cookie will be enabled as we are removing all the jsessionId? please clarify.
 
Sheriff
Posts: 22783
131
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If a user removes all his cookies, including the session cookie, then WebLogic will not recognise an existing session for the next request. It's up to your application to determine what to. Probably the user needs to login again.
 
Rithanya Laxmi
Ranch Hand
Posts: 255
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, is there any other option other than the application prompting user to login again to track the user session? I understand that if both cookie and session cookie are removed the only way is to ask the user to login? Is there any other alternative
 
Rob Spoor
Sheriff
Posts: 22783
131
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If the user removed his session id cookie, there is no chance your application can identity this user accurately. You can't use the IP address because the user may share his Internet connection with others (e.g. in companies, or even home networks).
 
reply
    Bookmark Topic Watch Topic
  • New Topic