We are planning to refactor our J2EE Monolith into Microservicesapplication. We are planning to build using Spring, Spring boot, Spring cloud and Pivotal cloud foundry as PaaS.
When i was validating whether my current application is cloud ready using The twelve-factor app , the important think i noticed is the usuage of 'HTTP Sessions' in our application. The link suggestes
Some web systems rely on “sticky sessions” – that is, caching user session data in memory of the app’s process and expecting future requests from the same visitor to be routed to the same process. Sticky sessions are a violation of twelve-factor and should never be used or relied upon. Session state data is a good candidate for a datastore that offers time-expiration, such as Memcached or Redis.
I don't understand how can i use im-memory data store to track the user session? Could someone please explain? Should i use some unique key for users to retrieve information form in-memory data store?
As a good example, you can have a look on this explanation of Spring Session implementation
https://www.infoq.com/articles/Next-Generation-Session-Management-with-Spring-Session
It has a reference to Redis storage, which you can bind to your application from PCF services.