For internal (non-public) applications, where we know that all users browsers support cookies, there's no need for URL rewriting to track sessions. Furthermore having sessionID in the URLs has the following drawback : the first returned page contains URLs that reference static resources (images, CSS, JS...) with the session ID, but the following pages contain the same URL without the sessionID. Thus those resources are downloaded twice instead of once. This option should be disabled by default since it is not spec compliant. Proposition : <Context disableUrlSessionTracking="true" >
Created attachment 26322 [details] Patch for tc7 Proposed patch for tc7. Note that this feature is not useful for servlet 3 webapps since this can be configured in web.xml. I'd like to backport this to tc6.
It is already implemented in TC6. See bug 49811 and http://svn.apache.org/viewvc?rev=1027196&view=rev
Sorry I missed that one. So the functionality is in tc6 but not in tc7 ? weird... This means that users have to upgrade to servlet 3 to set the session tracking mode... *** This bug has been marked as a duplicate of bug 49811 ***