I looked and looked for the answer, I knew that I would find it in stackoverflow or coderanch, and there I found the answer from Charles Lyons, the author of the book in my hands right now it was a fun coincidence.
published on 8/9/2008 11:41 That the encodeURL always writes the session identifier to the URL (if required, for example, since cookies are disabled), while encodeRedirectURL contains additional logic to determine if it is desirable to record the session identifier in. It is a really bad idea to provide foreign sites with a session identifier, for example, since then they can impersonate a user session. hence encodeRedirectURL will put jsessionid in the url if that url is in the current web application and does not rewrite otherwise.
Charles Lyon (SCJP 1.4, April 2003, SCJP 5, December 2006, SCWCD 1.4b, April 2004) Author of the OCEJWCD Study Companion for Oracle Exam 1Z0-899 (ISBN 0955160340)
I also found this answer , which was published earlier,
Posted on 4/19/2006 8:02 AM Quote Post to moderator Hi,
EncodeURL is used to encode URLs to track the session in advance and enable the mechanism. EncodeRedirectURL encodes the specified URL for use in the sendRedirect method.
The main difference between the two: implementation The encodeRedirectURL method includes logic to determine if the session identifier should be encoded in the URL if you redirect the URL to a different context where session information is not required or is invalid. The encodeURL method does not add seeion id if cookies are enabled. In addition to this, encodeRedirectURL does not add session information if the URL is redirected to another context (web application). Since the rules for making this definition may differ from the rules used to decide whether to encode a normal link, this method is separete from the encodeURL method.
Hope this helps you.
thanks
Narendra Dhande