JSESSIONID

JSESSIONID is a cookie used by Java servlet containers to maintain state for a user session across multiple HTTP requests. The value of the cookie is a server-generated session identifier (HttpSession ID) that the application uses to look up session data stored on the server. The cookie name JSESSIONID is the conventional default used by Java EE and Jakarta EE environments.

The cookie is typically created when a session is started and is sent by the browser with

Security considerations: since the cookie identifies the user's session, it should be protected. Modern servers set

In clustered deployments, sharing session state across nodes may require session replication, a distributed session store,