Submit Feedback
Legacy Knowledge Base
Published Sep. 10, 2025

Getting the Liferay Session ID in Javascript

Written By

Adam Kollar

How To articles are not official guidelines or officially supported documentation. They are community-contributed content and may not always reflect the latest updates to Liferay DXP. We welcome your feedback to improve How To articles!

While we make every effort to ensure this Knowledge Base is accurate, it may not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with any feedback or concerns.

Legacy Article

You are viewing an article from our legacy "FastTrack" publication program, made available for informational purposes. Articles in this program were published without a requirement for independent editing or verification and are provided"as is" without guarantee.

Before using any information from this article, independently verify its suitability for your situation and project.

Issue

  • We can't extract the session ID using JavaScript, because the Liferay.ThemeDisplay.getSessionId() function consistently returns an empty string.

Environment

  • Liferay DXP 7.4

Resolution

  • By default, the Liferay.ThemeDisplay.getSessionId() function will always return a blank string. To change this, you need to adjust your settings.
  • This is how you can resolve the issue:
    1. You need to set the property 'session.enable.url.with.session.id' to 'true' within the portal-ext.properties file.
    2. Once this change is made, the session ID can be retrieved using the Liferay.ThemeDisplay.getSessionId() function.

Additional Information

  • While this solution will allow you to retrieve the session ID, it's crucial to understand the potential risk involved:
    • The 'session.enable.url.with.session.id' property is usually set to 'false' to safeguard against potential security risks associated with session IDs being visible.
    • Keeping session identifiers in cookies is generally safer and more efficient.
    • This is because if a session ID is attached to a URL, there's a risk that if you share that URL, you could inadvertently share your session with the recipient if the code doesn't manage this scenario appropriately.
  • Follow the link for more information regarding Session Management in Liferay.
Did this article resolve your issue ?
Legacy Knowledge Base
Did this article resolve your issue ?