Hey, this is probably somehow more a servlet issue rather than rewrite issue.
On the very first request(make sure you have no cookies set at all) the session id is appended to the URL as path parameter. I know that this is a mechanism to safely ensure session availability, but I would like to turn that off since the session id in the URL is somehow ugly…
You are right. This is the default behavior of a servlet container. If the client doesn’t include a cookie in the first request, the container cannot tell whether the client supports cookies or not. Therefore the container embeds the session id in the URL.
But you can disable this in your web.xml using the session-config element:
final SessionCookieConfig cookieConfig = event.getServletContext().getSessionCookieConfig();
final Set<SessionTrackingMode> modes = new HashSet<SessionTrackingMode>();
Of course I use 3.0. Probably you are right and that is a bug. Right now it is not such a big deal, but maybe in a few months. Any suggestions on how to overcome that bug with rewrite? With a smart rule that might be possible right?
Where would you suggest to report that issue, on JBoss Web project?
Yeah, I would report it in the JBoss Web project, but I would first attempt to reproduce the issue *without* Rewrite in the project. Even better would be if you could reproduce it with an Arquillian test case and attach that to the issue report.