The URL rewriting ";jsessionid=XXXXXX" constructs are definitely harmful. Take a look at your web logs. Chances are you'll see that robots are crawling your site hundreds or thousands of pages deep. To them, you've got a totally brand new website each time they visit. And it's not just the big robots -- the minor ones like Genieknows can do it too. I had Exabot, a minor crawler, eating 10% of my server's bandwidth because of just this.
I just finished implementing the http://randomcoder.com/articles/jsessionid-considered-harmful solution. I hated doing such a kludge, but it works great. -Bryce http://www.citycarshare.org/ Claudia wrote: > > Backgound: > Under the covers, Httpsession tracking uses > cookies or falls back on URL rewriting(if neccessary) to > handle sessions. This is nothing users need to worry > about, unless users browser will not have cookies enabled. In that case, > you > have to make sure the development code uses URL rewriting to encode any > URLs > generated. The java code in struts menu takes care of that(I assume). Some > claim > that showing the sessionid is harmful. I thought I had to resort to URL > rewriting to solve the problem I was having. This cant be easily done with > Velocity if at all..But Matt your comment made me rethink the problem in a > simpler fashion..so thanks.. > -- View this message in context: http://www.nabble.com/Identifier-JSESSIONID-exposed-on-all-my-struts-menu-webapps-tf3414711.html#a9904584 Sent from the struts-menu-user mailing list archive at Nabble.com. ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ struts-menu-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/struts-menu-user
