> From: Marian Simpetru [mailto:marian.simpe...@esolutions.ro] > Subject: JSESSIONID and impact on google > > When it came to google, we realized we are punished for using tomcat, > since there seems to be no way in disabling jsessionid (session id > appended to URL).
Of course there is - don't create a session in the first place. Sessions are only created automatically by Tomcat when a login occurs (and I presume the Google bots aren't supplied with authentication credentials); otherwise it's *your* webapp that has specified that a session be created. > Question is: Is there a way to configure tomcat to only use cookies Again, it's *your* webapp that's appending the session id by calling encodeURL(); if you only want to use cookies, don't do that. > Also the name ' JSESSIONID' is configurable? It's required by the servlet spec, but at least in the current Tomcat level (6.0.24) you can change it by setting the org.apache.catalina.SESSION_PARAMETER_NAME system property: http://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html#Sessions - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
