How does Session handling works in Servlet environment

There are multiple ways to handle session by a servlet framework. For example following methods can be used,

Servlets use cookies as the default mechanism for session tracking, but in case cookies are disabled on the client, Server can use URL re-writing for achieving the same.

When server calls request.getSession(true), then server generates and sends JSESSIONID back to the client for all future session references. JSESSIONID will then be stored by the client and sent back to the server using any of the above mentioned mechanisms.

To ensure that your Servlets support servers that use URL rewriting to track sessions, you must pass all the URL’s used in your servlet through the HttpServletResponse.encodeURL() method