This will probably work and be completely convenient, but usually I try to avoid ThreadLocal for such use cases as much as I can. Causes:
You just start to depend on the fact that the base container uses different threads for different users. If the container starts using NIO, various types of threads (for example, green threads that will not be displayed in java.lang.Thread on some exotic JVM), etc. You are out of luck.
ThreadLocal , as a rule, forget to clean up after using them. Therefore, if your server has spikes in use, and one of the users puts a lot of things in the cache, you may run out of RAM.
As a result of not cleaning up after a request, ThreadLocal may reveal a security vulnerability, assuming another user goes into the same thread.
Finally, I believe that ThreadLocal was designed for environments in which you have absolute control over threads in your context, and this use case is so far from it.
Unfortunately, I know little about GAE to offer a viable alternative, sorry for that!