People can either learn techniques or the principle behind the technique.
If you just have techniques without the underlying principles you cannot adapt to situational variance.
I didn't say anything about using cookies or rewriting URLs, those are techniques. The principle is passing the information back and forth.
That is how sessions are tracked, a
string gets assigned to the client and then this is passed back and forth between the server and the client.
An option with no URL rewriting, have your applications generate hidden form fields and post this string with each request.
It all depends on what you want/need to do. Are you developing two seperate applications with two seperate logins? Or is the login mechanism in just JSP (or ASP) and this needs to make requests to the ASP (or whatever) part.
If you have two seperate logins (God only knows why you need to do this), then I think it is best to have a third application that the other two reference to track the session. I'm no expert on ASP (or anything else for that matter) but I think I read that you can create activeX controls with Java or interact with beans from VB so there should be a way. If all else fails you could always use sockets to communicate. There might also be some slick CORBA/RMI answer.