Actually this is not so uncommon, an there are many 'good' reasons to do
so, see:
http://randomcoder.com/articles/jsessionid-considered-harmful
Here is an example of a filter that takes care of this:
http://randomcoder.com/repos/public/randomcoder-website/tags/1.0.3/WEB-INF/src/com/randomcoder/s
...
>
> I'm not sure why you'd ever want to do this, though. I'd love to hear
> your reason for doing it, though.
>
> ...
>
--
View this message in context:
http://www.nabble.com/Turning-off-jsessionid-tp13430750p14289776.html
Sen
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken,
Ken Bowen wrote:
> But all this leads to the obvious question (which I asked): If I'm not
> going to allow jsessionid's to slip out, can I suppress
> their creation totally?
The "creation" of the id is implicit in the creation the session: the
s
Chris,
a) Yes, I plan to always require cookies, because of ...
b) It's the search engine issue: They are cookie-less, and one gets
(severely?) penalized by letting the jsessionid's slip out.
While I'm using UrlRewriteFilter to provide an abstraction to the site's
urls (and it works great), I
On 10/26/07, Christopher Schultz <[EMAIL PROTECTED]> wrote:
> Ken,
>
> Ken Bowen wrote:
> > Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
> > jsessid ?
>
> Do you want to completely disable sessions, or just always require cookies?
If the site doesn't need to use session
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken,
Ken Bowen wrote:
> Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
> jsessid ?
Do you want to completely disable sessions, or just always require cookies?
While the servlet specification does not require containers to p
Hi All,
Is there a way to tell Tomcat to never rewrite urls? I.e., to never add
jsessid ?
Thanks,
Ken Bowen
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional com
