[转] Tomcat 禁用URL中的JSESSIONID

[From] http://stackoverflow.com/questions/962729/is-it-possible-to-disable-jsessionid-in-tomcat-servlet

[From] https://fralef.me/tomcat-disable-jsessionid-in-url.html

 

Tomcat 6 (pre 6.0.30)

You can use the tuckey rewrite filter.

Example config for Tuckey filter:

<outbound-rule encodefirst="true">
  <name>Strip URL Session ID's</name>
  <from>^(.*?)(?:\;jsessionid=[^\?#]*)?(\?[^#]*)?(#.*)?$</from>
  <to>$1$2$3</to>
</outbound-rule>

Tomcat 6 (6.0.30 and onwards)

You can use disableURLRewriting in the context configuration to disable this behaviour in tomcat/conf/context.xml.

See: https://fralef.me/tomcat-disable-jsessionid-in-url.html

Tomcat 7 and Tomcat 8

From Tomcat 7 onwards you can add the following in the session config in web.xml of your application.

<session-config>
    <tracking-mode>COOKIE</tracking-mode>
</session-config>