Cookies have some pretty severe limitations in terms of the amount of data you can store. Besides, they get transmitted to the server on every request, so you don’t necessarily want to store a ton of data in there anyway.
On the other hand, using sessions on the server to store data for the current user is also a bad idea unless you have a small or very predictable user base. If you’ve got a heavily dynamic app and you want to scale it up somewhat linearly, you need to work with HTTP’s generally stateless model.
The Ajaxian blog points to a couple of posts by Brad Neuberg about keeping session state in the browser. Using AJAX and Brad’s techniques, you’re only sending the state back to the server when you need to, not every time as you do with cookies.
The quick trick (it’s worth linking through to Brad’s original article) is to store your “session” data in a text field in a form. (It must be in a form.) Brad tested in IE, Firefox and Safari and found that he could store data in all three, and it would still be there when he hit the back button. Additionally, he tried storing 1MB in both IE and Firefox and had no problem.
That can certainly solve session affinity problems, couldn’t it?