As Raul mentioned. If cookies are disabled, you'll need to use URL Rewriting.
If this is the case, you'll need to convert all of your HTML pages to JSPs so that you can embed the sessionId into all of the URLs used in anchor tags and form actions.
[correction] You'll need to convert any HTML pages that have links or forms to JSPs. [ September 27, 2006: Message edited by: Ben Souther ]
You have to rewrite the jsp and servlet using some different set of methods which incluses the jsessionid after the url.All the hrefs in your jsps will also change.
Lots of online materials are also available describing this method.even Head first book on servlets and jsp has delt with this , in the session tracking chapter.
Basically session is tracked using JSESSIONID in cookies and cookies which traverses to and fro in the header of the HTTP request and responses.So in case the html is forward by a servelt then the header of the HTTP response that has the html would also contain the JSESSIONID.In that way the session can be tracked for html pages.
Or,
you have append every anchor tag's href attribute with something like ;JSESSIONID=<sessionID> to maintain the session for html pages.
I think this needs a lot of work.Prefered way would be to certify your application for browsers with cookies enabled.this way you can reduce a lot of work.