Is it possible to turnoff jsessionid in the url in tomcat? the jsessionid seems not too search engine friendly. Answer You can disable for just search engines using this filter, but I’d advise using it for all responses as it’s worse than just search engine unfriendly. It exposes the session ID which can be used for certain security exploits (more