I had the same problem, so i created my own BalancerFilter class.
On the point where the BalancerPortal class uses a hres.sendRedirect(encoded);
I implement the following strategy:
A) determine new URL (most of the time simple substring replacement)
B) get content of that URL (using e.g. apache's org.apache.commons.HttpClient)
note special treatment is necessary to handle POST requests, parameters need to be copied, but not all the request headers (since there is a length attribute which might give problems).
C) write content on the reponse outputstream of the doFilter parameter.
Note that in my current setup there is no security for the other nodes, but this could be implemented using htaccess rules by restricting clients to the ip of the balancer app.
I think the neatest approach would be to be able to specify a Strategy object using the xml configuration of the balancer so you can plug-in your own strategy class for handling a request.
Maybe I'll rewrite my solution in such a way.
First I must now make sure that all my sessions are Serializable....:)