Specify details about how to manage a session of a Web container, in the tracking mode. There are two types of tracking mode; a mode using an HTTP Cookie and a mode using the URL rewrite. You can choose to use either one or both of the tracking modes.

• When using only an HTTP Cookie
  Note that only the session management by the HTTP Cookie is enabled. At this time, a character string with the URL rewrite does not include a URL path parameter that indicates the session ID.
  
• When using only the URL rewrite
  Note that only the session management by the URL rewrite is enabled. At this time, the response does not include the information of an HTTP Cookie that indicates the session ID.
  
• When using both the HTTP Cookie and the URL rewrite
  The session management by an HTTP Cookie and the session management by a URL re-write is enabled. The Web container determines the method used for managing the session, depending on the method from which the session ID is acquired. When the session ID is acquired from an HTTP Cookie, the Web container determines that the session is managed by the HTTP Cookie. When the session ID is obtained from a path parameter of a URL, the Web container determines that the session is managed by the URL rewrite. The Web container carries out this determination for each request.
  

The session ID is managed as an HTTP Cookie. You can attach the HttpOnly property to the HTTP Cookie.

When a new HTTP session is created, an HTTP Cookie indicating the session ID is added to the HTTP response header. The name of the HTTP Cookie indicating the session ID is JSESSIONID. You can change the Cookie name if you are using Application Server 09-00 or later. Note that if the created HTTP session is disabled before commit, the HTTP Cookie is not added.

The session ID is managed as a URL path parameter.

The name of the URL path parameter indicating the session ID is jsessionid. You can change the name if you are using Application Server of 09-00 or later. The session ID is added in the format ;jsessionid= session ID at the end of the URL path, when the URL is rewritten by the Web container.

The URL path has a hierarchical structure and includes a value used for identifying resources. A query and fragment is not included in the URL path. Therefore, when these elements are included in the URL, the session ID is added immediately after the query or fragment. Also, if a path parameter other than the session ID is included in the URL, the path parameter indicating the session ID is added at the end of the path parameter included in the URL.

Hint

When you add the session ID to the URL path parameter, the URL string length increases.

The following table lists the increased string length:

Table 2-28 URL string length increased by URL rewrite

Functionality usage status	Increases URL string length (unit: string length)
When the redirector-based load balancing functionality or server ID addition functionality is not used	44#
When the redirector-based load balancing functionality is used	44# + 1 (string-length-of-period) + string-length-of-worker-name
When the server ID addition functionality is used (when the redirector-based load balancing functionality is not used)	44# + string-length-of-server-ID
When the database session failover functionality (when completeness guarantee mode is disabled) or EADs session failover functionality is used	44# + characters count of server ID + 16 (alphanumeric character count)

#

This is the sum of the 12 characters (;jsessionid=) plus the 32 characters of the session ID.When the name of the path parameter of a URL is changed, the total of the following values serves as the size of the path parameter:

- Character count of path parameter

- Character count of the semicolon (;), and equal (=) signs

- Character string length of the session ID of an HTTP session (32 characters)