URL Rewriting

As I mentioned earlier, the session ID needed to keep track of requests within the same session can be transferred between the server and the browser in a number of different ways. One way is to encode it in the URLs created by the JSP pages. This is called URL rewriting. It’s an approach that works even if the browser doesn’t support cookies (perhaps because the user has disabled them). A URL with a session ID looks like this:


When the user clicks on a link with an encoded URL, the server extracts the session ID from the request URI and associates the request with the correct session. The JSP page can then access the session data in the same way as when cookies keep track of the session ID, so you don’t have to worry about how it’s handled. What you do need to do, however, is tell the JSP container to encode the URL when needed. To see how it’s done, let’s add HTML links in the counter page—one link without rewriting and one with. Example 10-5 shows a counter page with this addition.

Example 10-5. A page with links, with and without URL rewriting (counter2.jsp)
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
    <title>Counter page</title>
  <body bgcolor="white">
    <%-- Increment the counter --%>
    <c:set var="sessionCounter" scope="session"
      value="${sessionCounter + 1}" />
    <h1>Counter page</h1>
    This page has been visited <b>${sessionCounter}</b> times within the current session. ...

Get JavaServer Pages, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.