How can I enable session tracking for JSP pages if the browser has disabled cookies?

By default session tracking uses cookies to associate a session identifier with a user. If the browser does not support cookies, or if cookies are disabled, you can still use session tracking using URL rewriting. For URL rewriting to be effective, you need to append the session ID for each and every link that is part of your servlet response. By using the methods response.encodeURL() and response.encodeRedirectURL() we can achieve this.