Disabling Session Cookies in Jetty
November 26, 2006
When testing Java web applications, the preferred setting for session handling is url rewriting rather than the use of a browser cookie. This configuration allows the developer to maintain isolated sessions across various tabs and windows, a fairly common practice in pre-production environments. While there are many references available on the web that explain how to configure Jetty 5.x to make this switch, I found it much more difficult to pinpoint instructions for how to do it in the Jetty 6.x series. To save folks the headache, I am documenting the configuration below. Create the file jetty-web.xml and place it in the WEB-INF/ directory. Populate that file with the following contents.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure//EN" "http://jetty.mortbay.org/configure.dtd"> <Configure class="org.mortbay.jetty.webapp.WebAppContext"> <Get name="sessionHandler"> <Get name="sessionManager"> <Set name="usingCookies" type="boolean">false</Set> </Get> </Get> </Configure>
By the way, if you aren't using Jetty to deploy your Maven 2 powered application, then you aren't getting the most out of your development time. Take a couple of minutes and follow this maven-jetty-plugin howto to get setup before another minute of hacking goes into the books.