I see this is old, but a google search brought me here so I'm adding an answer...
The
Servlet 3.0 standard gives you two ways to disable URL session rewriting. This works in
Tomcat 7, Glassfish v3, and any other Servlet 3.0-compliant servlet container. First, you can add this to your web.xml webapp config:
Or programmatically, you can use:
Found from this url:
https://fralef.me/tomcat-disable-jsessionid-in-url.html
OR this url:
http://stackoverflow.com/questions/962729/is-it-possible-to-disable-jsessionid-in-tomcat-servlet