去掉java项目URL地址栏后面的";JEESESSIONID
方法一:
添加过滤器
web.xml添加以下内容
<filter>
<filter-name>jsessionid</filter-name>
<filter-class>com.myc.webpro.base.filter.DisableUrlSessionFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>jsessionid</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
添加DisableUrlSessionFilter.java
public class DisableUrlSessionFilter implements Filter {
/*
* private static Log logger =
* LogFactory.getLog(DisableUrlSessionFilter.class);
*/
/**
* Filters requests to disable URL-based session identifiers.
*/
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
// skip non-http requests
if (!(request instanceof HttpServletRequest)) {
chain.doFilter(request, response);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
HttpServletResponse httpResponse = (HttpServletResponse) response;
// clear session if session id in URL
if (httpRequest.isRequestedSessionIdFromURL()) {
HttpSession session = httpRequest.getSession();
if (session != null) {
//session.invalidate();
}
}
// wrap response to remove URL encoding
HttpServletResponseWrapper wrappedResponse = new HttpServletResponseWrapper(
httpResponse) {
@Override
public String encodeRedirectUrl(String url) {
return url;
}
@Override
public String encodeRedirectURL(String url) {
return url;
}
@Override
public String encodeUrl(String url) {
return url;
}
@Override
public String encodeURL(String url) {
return url;
}
};
// process next request in chain
chain.doFilter(request, wrappedResponse);
}
/**
* Unused.
*/
public void init(FilterConfig config) throws ServletException {
}
/**
* Unused.
*/
public void destroy() {
}
}
方法二:
servlet3.0以后session id的保存方式
1、COOKIE 保存在客户端COOKIE中,通过请求读取cookie确认会话归属
2、URL 跟在url接连后面,默认方式,通过读取url后缀确认会话归属
3、SSL 使用SSL连接确认会话归属,这个最安全,但成本最高
web.xml中session配置 使用COOKIE生成session即可解决此问题
<session-config> <session-timeout>60</session-timeout> <tracking-mode>COOKIE</tracking-mode> </session-config>