HttpSession Object is just one way to do session tracking of clients. If your webserver is not able to use this, you can use any of the other ways.
Html rewrite can be used, thats where you constantly place a hidden parameter in each form on the html pages to carry 'session' information between requests.
Cookies can be used, though this requires that all the clients have browsers with cookies enabled. Quite a few larger companies really frown on the use of cookies.
Hope this helps