The session id is always appended to the url as path parameter at the first request even if it is disabled by web.xml <tracking-mode>

Solution Verified - Updated 6 Aug 2024

Environment

JBoss Enterprise Application Platform (EAP) 6.0.x

Issue

The session id is always appended to the URLs at the first request even if it is disabled by the following <tracking-mode> setting in web.xml in EAP 6.0.

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>

Is this a bug? How do I avoid this?

Resolution

Upgrade to EAP 6.1.0 or later (preferably the latest) to acquire this fix.
Prior to EAP 6.1.0, please use the filter which is described in this article to remove the jsessionid from URLs as a workaround.
The attached JsessionIdRemoveFilter-EAP6.tar.gz is a sample ant project which you can build the filter by yourself.

Extract the attached JsessionIdRemoveFilter-EAP6.tar.gz
Edit build.properties and set jboss.home to your EAP 6 install path.
Execute ant jar to build
Put a generated JsessionIdRemoveFilter.jar under WEB-INF/lib of your web application

Root Cause

Content from issues.jboss.org is not included.JBWEB-249

SBR

Webservers

Product(s)

Red Hat JBoss Enterprise Application Platform

Components

jbossas

Category

Troubleshoot

Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.