If you disable cookies in your browser all you get are lots and lots of ViewExpiredExceptions, because the URL parameter that should propagate the session is missing.

While debugging I found that this is caused by Seam's rewrite filter:

It does the rewriting in those methods that are used to encode URLs, but then only ever applies the configured rewrite rules (if any), but never actually adds the session id.

I found an existing Jira issue and added some comments there.
Would be nice if this could be fixed soon.

(Seam 2.1.1.GA)