Ben,
You're right - configuring HA web sessions in this way is not quite as robust as the traditional replication approach. A shared database session store *requires* sticky sessions (this is not a requirement for replicated sessions) - so the kind of bouncing you're talking about would only occur if the instance A was actually unavailable (crash, undeploy, restart, etc.), thus instance A would no longer know about the session in question and would look for it in the database, and when not found, assume it does not exist (or was invalidated).