Yeah, I don't really see the need for what you're trying to do either, or at least not in the way you're trying to do it. As I suggested previously, if you want a bunch of this "magic" stuff to happen, abstract it away, put it in a filter or base servlet or somewhere. This also has the benefit of working across deployment environments.
It is certainly possible to create your own "session" management - Just:
1. Define the class that does all you want, make it Serializable so the individual user sessions can be stored on disk or in a database.
2. On initial entry of your user, create an instance and give it a unique id string that is also a valid file name and write it to disk
3. IF you want to use the servlet session mechanism at all, store the id in the user's session, otherwise use the cookie mechanism to ensure that every user request will contain the unique id.
4. On subsequent requests recover the serialized object, modify and re-write.
Add some caching and you will have duplicated the servlet session with your own code. An interesting programming exercise but probably not necessary.