http://kbase.redhat.com/faq/docs/DOC-17273 is right but you must be aware that changes the cookie session path to /your_app which may have side effect if you have more that one context deployed. "when the session cookie is being used in the URL" I guess you mean when the session cookie is urlencoded (no cookies) those sessionid WON'T be reused. View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4270132#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...