Hmmm... why do you need to pass the sessionId to the Flex app? Your sessionId
already resides in the browser and associated with this particular user. If
user does any calls to server - server also knows this sesionId.
Of course, you can pass sessionId to the Flex app - simply do the call to
server and in response wrap sessionId() into XML send it back to client. The
problem here is that storing any secure data in Flex is a security threat. It
is possible to break into the SWF change sessionId variable to something else.
So it is always better to leave all sensitive data to be handled by
browser/session on their own.