tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rashmi Rubdi <>
Subject Re: Web spiders - disabling jsessionid
Date Sun, 03 Dec 2006 19:09:40 GMT
---- Original Message ----
From: Eric Haszlakiewicz

>> Perhaps that is the /quickest/ solution, but I would argue that the best
>> solution is not to create a session if you don't actually need one.

>heh.  yeah, not creating the session is definitely NOT the quickest way. :)


I haven't tested with sessions off, since my entire application uses session (without authentication).

So the solution for Bryce would be to leave the session on on each JSP page, and omit the
cookies attribute of <Context which defaults it to true.  

This should solve the problem of jsessionid for bots.

From my observation search bots support cookies otherwise I would have the problem of jsessionid
appended to URLs too.

Cheap talk?
Check out Yahoo! Messenger's low PC-to-Phone call rates.

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message