From 0cec8af0749a8d3ffba5aa7a7df324f41822fe64 Mon Sep 17 00:00:00 2001
From: Athou <jeremiepanzer@gmail.com>
Date: Sun, 17 Aug 2014 17:27:08 +0200
Subject: [PATCH] don't show jsessionid in url

---
 src/main/java/com/commafeed/CommaFeedApplication.java | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/main/java/com/commafeed/CommaFeedApplication.java b/src/main/java/com/commafeed/CommaFeedApplication.java
index 3309b08f..221a3b27 100644
--- a/src/main/java/com/commafeed/CommaFeedApplication.java
+++ b/src/main/java/com/commafeed/CommaFeedApplication.java
@@ -13,6 +13,8 @@ import java.io.File;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
 
+import javax.servlet.SessionTrackingMode;
+
 import org.eclipse.jetty.server.session.HashSessionManager;
 import org.eclipse.jetty.server.session.SessionHandler;
 
@@ -48,6 +50,7 @@ import com.commafeed.frontend.servlet.AnalyticsServlet;
 import com.commafeed.frontend.servlet.CustomCssServlet;
 import com.commafeed.frontend.servlet.LogoutServlet;
 import com.commafeed.frontend.servlet.NextUnreadServlet;
+import com.google.common.collect.ImmutableSet;
 import com.google.inject.Guice;
 import com.google.inject.Injector;
 import com.wordnik.swagger.config.ConfigFactory;
@@ -100,6 +103,7 @@ public class CommaFeedApplication extends Application<CommaFeedConfiguration> {
 
 		// Auth/session management
 		HashSessionManager sessionManager = new HashSessionManager();
+		sessionManager.setSessionTrackingModes(ImmutableSet.of(SessionTrackingMode.COOKIE));
 		sessionManager.setHttpOnly(true);
 		sessionManager.getSessionCookieConfig().setHttpOnly(true);