Securely Passing Data to Web Flow From Controller

Is there a way I can pass data from a @Controller to a Web Flow without using url parameters (ie in some secure way).

I have a Controller implementation (using @Controller Annotation) that handles a post from an xhtml page (from a form with some data in it stored in backing beans). From there I want to do some validation and redirect the user to a web flow passing some data from that form.

This form cannot be part of the web flow for security reasons.