Actually this is not so uncommon, an there are many 'good' reasons to do
so, see:
http://randomcoder.com/articles/jsessionid-considered-harmful
Here is an example of a filter that takes care of this:
http://randomcoder.com/repos/public/randomcoder-website/tags/1.0.3/WEB-INF/src/com/randomcoder/s
Since you were curious why someone would want to disable URL rewriting, I can
tell you why we had to do this.
For our client, it was taken for a given that users would be frequently
copying/pasting URLs in emails and IMs to other users. It's not a necessary
part of our application, but we all kno
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken,
Ken Bowen wrote:
> But all this leads to the obvious question (which I asked): If I'm not
> going to allow jsessionid's to slip out, can I suppress
> their creation totally?
The "creation" of the id is implicit in the creation the session: the
s
Chris,
a) Yes, I plan to always require cookies, because of ...
b) It's the search engine issue: They are cookie-less, and one gets
(severely?) penalized by letting the jsessionid's slip out.
While I'm using UrlRewriteFilter to provide an abstraction to the site's
urls (and it works great), I
On 10/26/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
> Ken,
>
> Ken Bowen wrote:
> > Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
> > jsessid ?
>
> Do you want to completely disable sessions, or just always require cookies?
If the site doesn't need to use session
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken,
Ken Bowen wrote:
> Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
> jsessid ?
Do you want to completely disable sessions, or just always require cookies?
While the servlet specification does not require containers to p
