GAE Flex & session

[mas...@abakode.com]

My WebApp is a Java + Primefaces based ERP.  Our user login generates a session, and makes AJAX calls in order to update content without refreshing or url changes. The JSF param "STATE_SAVING_METHOD" has a default value and actually works fine on GCE with Tomcat and on a local machine with Jetty. The GAE configuration is manual for only 1 istance.

Case 1:

- User X opens the WebApp

- X inserts username/password. If correct, there's a messagge "Welcome X" and a new cookie JSESSIONID

- User Y opens the WebApp, from the same IP (different browser in same computer or different computer in same network with static IP)

- Y skips the login and see the message "Welcome X", without cookie JSESSIONID generation

- Y makes another action (e.g. click on "products" page), but instead of opening it is redirected to the login screen.

Why Y log in to automatically with X username?

Case 2:

- User opens the WebApp

- He calls an action (with AJAX) and all works fine

- User refreshes the page and all active actions (stored in session) are hidden

- If the user makes another action, the previous actions are restored and the new action is added

JSESSIONID mantains the same value for all the time.

I think the problem is session or saving state related, and caused by Load Balancer/GAE Flex.

Did I missed any information about session/state that works differently between GCE and GAE Flex?

Thanks for your answers!

[Yannick (Cloud Platform Support)]

Hello, App Engine flexible doesn't do anything special regarding session/state support, which is handled at the level of the application's code. In case your code isn't accounting for them, you can read about the specific modifications that are done to requests before they are handed to your instance here.

By the way, if your service isn't going to scale past a single instance, is there a reason why your application needs to be in the Flexible environment and not simply on GCE?

[mas...@abakode.com]

My WebApp actually running on GCE and work correctly. I choose to migrate into GAE for various reason: deploying, domain + ssl, system update and (as soon as possible) for the scalabilty.

But the problem is that the same deploy running on GCE or in local machine not working on GAE, with the 2 cases i explaned. 

[Yannick (Cloud Platform Support)]

In order to scale out your application on App Engine, you will need to rewrite your application to not save session information locally to disk or memory.

The most common way to do it on App Engine Standard is Memcache, but it is not yet available on the Flexible environment. As detailed in this Stack Overflow answer by a Google engineer, available options for App Engine Flexible PHP include storing session information in Cookies, using Cloud SQl or Cloud Datastore.

If you wish to troubleshoot your current session handling method I recommend you create a question on Stack Overflow using one of the tags monitored by our community technical support team, preferably including all of the relevant session-handling code and configuration.