1. use only encodeURL() even end-user supports cookies coderanch.comContainer sees that you called request.getSession()on the FIRST request and realizes that it needs to start a new session with this client, the container sends the response with both a "Set-Cookie" header for the session ID, and the session ID appended to the URLs (assuming you used response.encodeURL()) let us consider that this client accepts cookies. Now my doubt is whether ... |