I'm not sure I understand your concern about cookies, but Apache::Session supports any method of SessionID storage (URL or Cookie). I'm not sure what you mean by "cross-server", but Apache::Session is a nice piece of flexible code, I'd give it another look see. (it doesn't require mod_perl, for example, nor is it actually related to Apache, despite the name)

DBD::SQLite may solve your DB problems, and I'm pretty sure there is a Apache::Session::SQLite