Consider using a filter like this:
package com.foo;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpServletResponseWrapper;
//import org.apache.commons.logging.Log;
//import org.apache.commons.logging.LogFactory;
/**
* Replaces the Response with one that will never put in a jsession.
* Here is what needs to go into the web.xml:
*
<filter>
<filter-name>JSession Strip Filter</filter-name>
<filter-class>com.foo.JSessionStripFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>JSession Strip Filter</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
* some of this code is from URLRewriteFilter
*/
public class JSessionStripFilter implements Filter {
private FilterConfig filterConfig = null;
//private static final Log log =
LogFactory.getLog(JSessionStripFilter.class.getName());
public static String USING_JSESSION_STRIP = "usingJsessionStrip";
public void init(FilterConfig filterConfig) throws ServletException {
//log.info("Filtering: no jsessionids will be generated.");
this.filterConfig = filterConfig;
}
public void doFilter(ServletRequest request, ServletResponse response,
FilterChain chain) throws IOException,
ServletException {
HttpServletResponse hResponse = (HttpServletResponse)response;
HttpServletRequest hRequest = (HttpServletRequest) request;
hRequest.setAttribute(USING_JSESSION_STRIP, "true");
if (hResponse.isCommitted()) {
//log.error("response is comitted cannot forward " +
// " (check you haven't done anything to the response (ie,
written to it) before here)");
return;
}
chain.doFilter(hRequest, new StripSessionIdWrapper( hResponse) );
}
public void destroy() {
filterConfig = null;
}
/**
* This is a wrapper that does not encode urls with jsessions
*/
public class StripSessionIdWrapper extends HttpServletResponseWrapper {
public StripSessionIdWrapper(HttpServletResponse response)
{
super(response);
}
public String encodeRedirectURL(String url) { return (url); }
public String encodeUrl(String url) { return (url); }
public String encodeURL(String url) { return (url); }
}
}
On Wednesday 06 December 2006 5:53 pm, Simon Pink wrote:
> Hi there,
>
> It is well noted by Google (and other search engines) that they do not like
> session tracking info as part of the URL. This does include JSessionId, and
> because Google visits your site as a cookieless user, every page indexed by
> them includes JSessionId, this is bad for numerous reasons - but the main
> reason is that Google may think you are cheating, as they are indexing the
> same page multiple times and it adversely effects your ranking.
>
> It is annoying as Tomcat deals with the URL according to standards, It seems
> to be everything else which doesn't. To be more precise, it is the ';' in
> the URL which servers such as Apache, and search engines and spiders like
> Google don't like much at all. By all rights Google should ignore the
> session id but it doesn't.
>
> Anyway, how do I turn this cookie-less tracking off for Tomcat? I would
> rather have better ranking (and not be banned) than have a minor percent of
> customers not being able to use my site. Or is there another solution that I
> have missed here?
>
> Kind Regards,
> Simon.
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: [email protected]
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
--
Brian Caruso
Programmer/Analyst
Albert R. Mann Library
Cornell University
Ithaca, NY 14853
(607)255-7705
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
