日期:2014-05-16  浏览次数:20370 次

tomcat配置禁止url显示jsessionid
?

It is possible to do this in Tomcat 6.0 with: disableURLRewriting

http://tomcat.apache.org/tomcat-6.0-doc/config/context.html

e.g.

写道
<
Context docBase="PATH_TO_WEBAPP" path="/CONTEXT" disableURLRewriting="true">

</Context>
?

?

<

session

-

config

>


? ? ?

<

tracking

-

mode

>

COOKIE

</

tracking

-

mode

>


?

</

session

-

config

>

 




Tomcat 7 supports the above config in your web-app web.xml, which disables URL-based sessions.

?

tomcat7还可以配置来改变jsessionid来保证服务器安全:http://tomyz0223.iteye.com/blog/811237

?

?