Weblogic and the curse of the Session Id
While implementing a simple session time out scenario , i encountered problems which seemed bizarre .. i discovered that multiple sessions being created .Strangely i saw that these sessions were being created even though an existing session was in place .and clicking any link on the site created a new session almost everytime . Deciding to do something different i entered the url on the browser and voila !! no sessions were being created ... Further investigation led me to the weblogic.xml which had an encode sessionidinquery params value set to true . What this triggered was the weblogic now only understood if there was jsessionId present in the browser .and the web site did'nt use any of the response.encodeUrl() so clicking on any link on the website resulted in creating a new session.

Changing the parameter encodeSessionIdinQueryParams to false restored some sanity and able to carryout the timeout implementation.