Best practices typically recommend that a session cookie should not be created unless absolutely necessary (for example, when the user actually logs in). However, Mobile Portal Accelerator creates a jsessionid cookie for an anonymous user.
Based on the following, this creation of the session cookie is acceptable:
Parent topic: Common problems
- Portal requires the session for the Short URL support (for example, Portal stores the state in the session rather than the URL).
- The MCS Device is placed for the user in the session so device recognition is not performed on every request.