disable cookies in Tomcat5

In /conf/context.xml I add:

<Context cookies="false">

Idea being to enable url rewrite, disabling cookies (a security patch for a client's server at work). I personally am not sure how this will make it more secure, feel free to throw in your expertise on the matter, but either way, I gotta do it & make it work.

When I do disable cookies and open the web application from its context, the browser gets stuck in a constant refresh loop.

The tweak has to be made on the tomcat level (no Apache/mod_rewrite, although fronted/bound to an Apache server) & generally, in a few words, I have to disable session cookies, which would, supposedly, automatically enable URL rewrite instead...

I can't find any relevant/useful information out th开发者_开发问答ere, or any postings/questions/cries-for-help that describe this or effectively similar problem.

Any ideas?