|By using either Cookies, or URL Rewriting (if the client does not accept cookies).
This conforms to sections 7.1.1 and 7.1.4 of the Servlet 2.3 Specification.
ServletExec first looks for a cookie named "JSESSIONID" (all upper case) in the request header. The name of that cookie is mandated by the Servlet Specification. If the request has no such cookie, then ServletExec will look at the request URL itself to see if the session id is encoded/embedded there.
Note: If using URL Rewriting, one must be sure to call:
for each link emitted by their code.
For JSPs, one could pass an init parameter named "urlRewriting" with a value of true, to the JSP Engine that's built into ServletExec.
- For SE 5.x and newer, that JSP Engine is implemented by a servlet named "JspServlet".
- For SE 4.x and older, that JSP Engine is implemented by a servlet named "JSP10Servlet".
For more details on how to configure that Servlet, please read FAQ #315
Section SRV.7.1.3 of the Servlet 2.3 Specification describes the proper format for this. For example:
NOTE: If the client accepts cookies then the above-mentioned encode methods of the Response Object will not actually encode the URL (see JavaDocs for more information about this).
Also note that the name "jsessionid" is all lower case when it appears in the url itself. This is mandated by the Servlet Specification.