tomcat配置禁止url显示jsessionid

 
 

It is possible to do this in Tomcat 6.0 with: disableURLRewriting

http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

e.g.

写道
<
Context docBase="PATH_TO_WEBAPP" path="/CONTEXT" disableURLRewriting="true">

</Context>

 

 

<session-config>
  <tracking-mode>COOKIE</tracking-mode>
</session-config>


Tomcat 7 supports the above config in your web-app web.xml, which disables URL-based sessions.

 

tomcat7还可以配置来改变jsessionid来保证服务器安全:http://tomyz0223.iteye.com/blog/811237

 

 

你可能感兴趣的:(session)