Just to let anyone who was wondering (and for the benefit of the archives), I ended up ditching sessions all together. Instead, I'm using Apache::AuthDBI to do authentication, and am making calls directly to my database server to maintain state. Its not the most pleasant way of maintaining state, but at least it works.
-man Michael A Nachbaur