Forum Discussion
Removing jsessionid from the URI
Hello experts,
I am a newbie at F5 iRules. Apologies for any silly questions. Recently we have had an issue with JSESSIONID being sent through the URI at the same time as it is sent as a cookie. Is there any way to set/control by iRule that those jsessionid values (e.g. https://www.example.com/test;jsessionid=12345678901) stop showing in the URI and are only sent through the cookie?
By the way, any advice on whether we can somehow configure the ASM or anything else on the F5 to mitigate the issue would also be highly appreciated.
Cheers.
Best regards Hyder
4 Replies
- Kevin_Davies_40
Nacreous
Yes, you can do it, but it will likely break your application. Remember the webserver is setting these for a reason.
- Hyder_141209
Altostratus
Thanks for your answer, Kevin. Actually, I just wanted to hide the jsessionid from being shown to the end user or appearing in the URI. From ASM, I would still like to send the requests to the host server as original.
- Kevin_Davies_40
Nacreous
Ok here is an iRule that may help you. This treats the request and response sides independently. It uses the information in the cookie to add the jsessionid parameter if it does not exist. You may need to change the case of jsessionid to match your application.
    when HTTP_REQUEST {
        # no replace on requests
        STREAM::disable
        # turn off compressed responses
        HTTP::header remove Accept-Encoding
        # add jsessionid parameter if the cookie exists and the parameter does not
        set sid_cookie [HTTP::cookie jsessionid]
        set sid_query [URI::query [HTTP::uri] jsessionid]
        set query [HTTP::query]
        if {($sid_cookie ne "") and ($sid_query eq "")} {
            # HTTP::query is read-only, so the parameter is appended through HTTP::uri
            if {$query eq ""} {
                HTTP::uri "[HTTP::uri]?jsessionid=$sid_cookie"
            } else {
                HTTP::uri "[HTTP::uri]&jsessionid=$sid_cookie"
            }
        }
        unset query sid_query sid_cookie
    }
    when HTTP_RESPONSE {
        if {[HTTP::header "Content-Type"] contains "text"} {
            # remove jsessionid parameter if cookie exists
            set sid_cookie [HTTP::cookie jsessionid]
            if {$sid_cookie ne ""} {
                # three search strings, each replaced with nothing
                STREAM::expression "@?jsessionid=$sid_cookie@@@&jsessionid=$sid_cookie@@@jsessionid=$sid_cookie&@@"
                STREAM::enable
            }
            unset sid_cookie
        }
    }

Caveats: While this iRule does what you ask, there is no guarantee your application will like what it is doing. It will require you to test to make sure it does not break things.
- Kevin_Davies_40
Nacreous
The second part of the iRule will strip out the following from the webserver response if the jsessionid cookie is present in the response headers.
    ?jsessionid=xxxxxxx
    &jsessionid=xxxxxxx
    jsessionid=xxxxxxx&

Where xxxxxxx is the value of jsession ID in the cookie.
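Added example, not part of the thread or the poster's iRule: a small Python model of the response-side stripping described above, run over a constructed response body to check which URL forms still carry the session id afterwards. It assumes the three search strings are applied as literal text in the order listed; the function names and the sample body are made up for the illustration.

```python
import re

def strip_like_irule(body, sid):
    """Model of the response-side rule: three search strings, each replaced
    with nothing. Assumption: literal matching, applied in this order."""
    for needle in (f"?jsessionid={sid}",
                   f"&jsessionid={sid}",
                   f"jsessionid={sid}&"):
        body = body.replace(needle, "")
    return body

# Any session id still carried in a URL, either as a path parameter (;)
# or as a query parameter (? or &).
LEAK = re.compile(r"[;?&]jsessionid=[0-9A-Za-z.!_-]+", re.IGNORECASE)

def remaining_leaks(body):
    """Return every jsessionid occurrence, with its delimiter, left in body."""
    return LEAK.findall(body)

# Constructed response body: the same id embedded in four URL forms.
SID = "12345678901"
BODY = "\n".join([
    f'<a href="/test?jsessionid={SID}">only parameter</a>',
    f'<a href="/test?x=1&jsessionid={SID}">last parameter</a>',
    f'<a href="/test?jsessionid={SID}&x=1">first parameter</a>',
    f'<a href="/test;jsessionid={SID}">path parameter</a>',
])

if __name__ == "__main__":
    rewritten = strip_like_irule(BODY, SID)
    print(rewritten)
    print("still carrying the session id:", remaining_leaks(rewritten))
```

In this model the `;jsessionid=` path-parameter link passes through unchanged, and the link where jsessionid was the first of several query parameters comes out as `/test&x=1`, so both forms are worth including when testing the rule against the real application.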