Actually there's a much cleaner alternative described at http://randomcoder.com/articles/jsessionid-considered-harmful
Just add a filter that wraps the current HttpServletResponse and overrides the encodeUrl and encodeRedirectUrl so that they just return the passed string - in that way, the container's code that adds the jsessionid is never executed! On Feb 7, 2008 9:38 PM, prelag <[EMAIL PROTECTED]> wrote: > > The Problem > When developing a web application that you want search engines to actually > index correctly, it is important to have clean looking, "friendly", and > descriptive links. If you implement friendly urls ( > http://tapestry.apache.org/tapestry4.1/usersguide/friendly-urls.html > http://tapestry.apache.org/tapestry4.1/usersguide/friendly-urls.html ) and > implement your own custom service encoder, then you solve half of this > problem. > > The other half of the problem is the way that most application > servers/servlet containers handle sessions. The first time a client hits > the server, the server will generate a new session. Since the server does > not know whether or not the client supports sessions it will attempt to > create a session cookie and also append the jsession id to the end of every > href url string. For example, your links look like this: > http://mydomain.com/product/111/Red+Bull+Injector;jsessionid=392a09sdf9as8df09asdf. > That link looks great to a search engine indexer except for that ugly > jsessionid that will really hurt the ability to achieve any sort of page > rank/link popularity. > > The Solution > In Tapestry there is a fairly easy way to overcome this. Your pretty links > should be ExternalLink components. Here is what one of mine looks like: > All of the parameters there should make sense if you have implemented > friendly urls. However, pay attention to renderer. What the renderer > parameter does is let you specify a custom ILinkRenderer to generate the > string for this links url. Remember, Tapestry itself does not append the > jsessionid, that is done by the server, specifically when Tapestry calls the > HTTPServletResponse.encode() method. > > In your page class create a method public CleanLinkRenderer > getCleanLinkRenderer(){ return new CleanLinkRenderer(); }. Now create a > class CleanLinkRenderer that implements ILinkRenderer. Here is my code, you > can see where it strips out the jsessionid. Please remember, I am simply > stripping off the jsessionid, however you now have full control to write the > url string exactly the way you want it. This code is basically a cut/paste > job of DefaultLinkRenderer except for the commented change. Now you have > full control over how your links are written. > > public class CleanLinkRenderer implements ILinkRenderer { > > public static final ILinkRenderer SHARED_INSTANCE = new > CleanLinkRenderer(); > > public void renderLink(IMarkupWriter writer, IRequestCycle cycle, > ILinkComponent linkComponent) > { > IMarkupWriter wrappedWriter = null; > > if (cycle.getAttribute(Tapestry.LINK_COMPONENT_ATTRIBUTE_NAME) != > null) > throw new ApplicationRuntimeException( > Tapestry.getMessage("AbstractLinkComponent.no-nesting"), > linkComponent, > null, > null); > > cycle.setAttribute(Tapestry.LINK_COMPONENT_ATTRIBUTE_NAME, > linkComponent); > > boolean hasBody = getHasBody(); > > boolean disabled = linkComponent.isDisabled(); > > if (!disabled) > { > ILink l = linkComponent.getLink(cycle); > > if (hasBody) > writer.begin(getElement()); > else > writer.beginEmpty(getElement()); > > //////HEY EVERYONE THIS IS THE COMMENT I WAS TALKING ABOUT > //////HEY EVERYONE THIS IS THE COMMENT I WAS TALKING ABOUT > String myUrl = constructURL(l, linkComponent.getAnchor(), > cycle); > myUrl = myUrl.split(";")[0]; //this is where it gets all the > useful information before the ;jsessionid and ignores the rest > writer.attribute(getUrlAttribute(), myUrl); //this sets the url > string the the href attribute > //////HEY EVERYONE THIS IS THE COMMENT I WAS TALKING ABOUT > //////HEY EVERYONE THIS IS THE COMMENT I WAS TALKING ABOUT > > > beforeBodyRender(writer, cycle, linkComponent); > > // Allow the wrapped components a chance to render. > // Along the way, they may interact with this component > // and cause the name variable to get set. > > wrappedWriter = writer.getNestedWriter(); > } > else > wrappedWriter = writer; > > if (hasBody) > linkComponent.renderBody(wrappedWriter, cycle); > > if (!disabled) > { > afterBodyRender(writer, cycle, linkComponent); > > //linkComponent.renderAdditionalAttributes(writer, cycle); > > if (hasBody) > { > wrappedWriter.close(); > > // Close the <element> tag > > writer.end(); > } > else > writer.closeTag(); > } > > cycle.removeAttribute(Tapestry.LINK_COMPONENT_ATTRIBUTE_NAME); > } > > /** > * Converts the EngineServiceLink into a URI or URL. This > implementation > * simply invokes [EMAIL PROTECTED] ILink#getURL(String, boolean)}. > * > **/ > > protected String constructURL(ILink link, String anchor, IRequestCycle > cycle) > { > return link.getURL(anchor, true); > } > > /** > * Invoked after the href attribute has been written but before > * the body of the link is rendered (but only if the link > * is not disabled). > * > * <p> > * This implementation does nothing. > * > **/ > > protected void beforeBodyRender(IMarkupWriter writer, IRequestCycle > cycle, ILinkComponent link) > { > } > > /** > * Invoked after the body of the link is rendered, but before > * [EMAIL PROTECTED] > ILinkComponent#renderAdditionalAttributes(IMarkupWriter, > IRequestCycle)} is invoked > * (but only if the link is not disabled). > * > * <p> > * This implementation does nothing. > * > **/ > > protected void afterBodyRender(IMarkupWriter writer, IRequestCycle > cycle, ILinkComponent link) > { > } > > /** @since 3.0 **/ > > protected String getElement() > { > return "a"; > } > > protected String getUrlAttribute() > { > return "href"; > } > > protected boolean getHasBody() > { > return true; > } > } > > > Thanks for reading everyone! > > > Martin Strand-2 wrote: > > > > I don't know for sure, but I think this is what's going on: > > When the session is first created, a cookie is set and JSESSIONID is > > appended to all links. If your browser doesn't send back the cookie, the > > JSESSIONID will continue being appended to all links. If your browser > > accepts the cookie and sends it back on the next request, the cookie will > > be used instead to track the session id. > > Initially, there's no way for the server to know whether your browser > > accepts cookies or not, so it tries both. > > > > Martin > > > > On Sat, 25 Mar 2006 11:42:42 +0100, Andreas Bulling > > <[EMAIL PROTECTED]> wrote: > > > >> Hi all, > >> > >> just a short question - I will see if the answer will also be that short, > >> as I have no clue what's going wrong here I don't know... :( > >> > >> After logging in into my plattform (built with Tapestry) a JSESSIONID > >> is appended to all links to the different subpages. But: > >> As I can see a cookie is also created with the same JSESSIONID. > >> From my understanding either a JSESSIONID _or_ a cookie is used > >> to track the current session, isn't it? Why do I have both, any idea? > >> > >> The second strange thing is that after clicking on one of the > >> links the JSESSIONID isn't appended to the links anymore?! > >> > >> Thanks for your help! > >> Andreas > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > -- > View this message in context: > http://www.nabble.com/JSESSIONID-and-cookie-tp3585594p15341468.html > Sent from the Tapestry - User mailing list archive at Nabble.com. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > -- Andreas Andreou - [EMAIL PROTECTED] - http://blog.andyhot.gr Tapestry / Tacos developer Open Source / JEE Consulting --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
