You may want to first read about the difference between a session and a cookie.

There are two cookie management levels. You can set the cookie management settings at the application server level, or at the application level. The settings at the application level will take precedence over the settings at the application server level.

Application:

1. In the WebSphere admin console, expand Application > Application Types, and select Websphere enterprise applications.
2. Select an application.
3. Select Session management.

Application server:

1. In the WebSphere admin console, expand Server > Server Types, and select Websphere applications servers.
2. Select an application server.
3. Select Session management.

Session tracking mechanism

In the Session tracking mechanism section, by default, only Enable cookies is enabled. 

Enable cookies

When enable cookies is selected, a cookie will be created on the client PC when requesting the app running on WebSphere in the browser. By default, the cookie is named JSESSIONID. In this example, the session ID (0001ngigW0ETRpuIwfKKzcufWkA:1c4gskmd0) was obtained from the cookie which was created when the web app was requested in the browser. 

Enable cookies will take precedence over Enable URL rewriting. When Enable cookies is checked, the session ID will attempt to be obtained from a cookie.