Yeah, I'd like to second the above question. How the hell do you associate session id's with a client's request with out cookies? Sure you could embed session ids in the url, but that is hideously ugly and very prone to insecurities, such as sharing urls.