Removing JSESSIONID from URLs for Spring Security 3.0+ applications
jsessionid in URLs look annoying, more so in search results. Disabling them from URL is just a configuration in your spring-security.xml file for Spring version 3.0 + : use the disable-url-rewriting=”true” in the security namespace for http tag. the http tag becomes:
<security:http auto-config="false" disable-url-rewriting="true">
If you are not using http cofiguration and using FilterChainProxy, this article can help.
Leave a Comment