This is indeed the case if Jetty can check that cookies are properly
handled by the client. But on the first access, Jetty has no way to
check that cookies are accepted by the client so it will add the
jsessionid automatically. This is why search engines suffer from this
problem. If you use
Ok, I have learned something new today :)
You will only have this problem if you are creating a user session for
each and every request. If you are a bit more conservative for
creating user sessions (for example, storing data in cookies for the
anonymous user) maybe this issue would