Published: Sunday, 20 August 2006

Why does jsessionid appear?

Usually HTTP sessions are maintained using cookies. If the client has cookies turned off, the servlet specification says that you can rely on URL rewriting and the appending of a special jsessionid parameter to the end of the URL. Some containers can be setup to append this for you if it detects the client does not support cookies.

If your container supports session rewriting, you can use HttpServletResponse.encodeURL(String URL)


Check your the order of components in your URL.

Make sure the jsessionid comes BEFORE any HTML GET parameters that are passed in.

e.g. a correct URL is http://example.com/test.jsp;jsessionid=ABCDEF0123456789?userid=john

If the jsessionid comes after the userid then it will be regarded as part of the parameter value.