How to Remove jsessionid from URL

A "JSESSIONID" is the unique id of the http session – see the javadoc here.

When you start a HTTP session, the session ID is appended to the URL and a cookie is set. If the browser has cookies enabled, the JSESSIONID is not used on subsequent requests.

Here is a urlrewrite rule to get rid of it, substitute JSESSIONID for
the name of the parameter your app server uses to track sessions.

<outbound-rule encodefirst="true">
<name>Strip URL Session ID’s</name>
<to encode="false">$1$2$3</to>

Just be aware that removing the session id will make sessions not work
for clients that do not support cookies.

Related Posts:

2 Responses

wong December 31, 2008 at 9:05 am

Hi Laxman,

I’ve an jsp web page currently upload to a web hosting server. Whenever the first load of every page, i can see jsessionid is appended after javascript/css like below:

Do you know what is the causes of jsessionid being append inside the javascript/css tag? Btw, i’ve tested my jsp page at my local environment and it doesn’t have extra jsessionid append (view source of the page).

Thanks. 🙂

Wong December 31, 2008 at 9:05 am

Hi Laxman,

Now i can show my page beautifully. I just found that my web hosting’s tomcat doesn’t support jsp tag like below:

< script type=”text/javascript” src=”<c:url value=’/scripts/calendar/calendar.js’/….

No more jsessionid is appended after .js or .css

Anyway thanks.

Cheers & Regards,


Comments are closed.