If the cookies at client side are disabled then session don't work, in this case how can we proceed?
1. (from servlet) write the next page with a hidden field containing a unique ID that serves as "session ID". So next time when the user clicks submit, you can retrieve the hidden field.
2. If you use applet, you may avoid "view source" (so that people can't see the hidden field). Your applet reads back an ID from the servlet and use that from then on to make further requests.