Puspender Tanwar

Ranch Hand
+ Follow
since Apr 21, 2015
Puspender likes ...
Cows and Likes
Total received
In last 30 days
Total given
Total received
Received in last 30 days
Total given
Given in last 30 days
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Puspender Tanwar

I have build a REST api using Spring boot. The database has 39 tables and the number of Rest controllers are 31. Considering 2000 daily users which hit the API, how do I caclulate the RAM required on AWS ec2(or any xyz cloud provider) for running the API efficiently? As of now I am using their free tier which comes with 1core 1GB ram. But my application keeps on crashing. It stops even when I am not hitting the API. Sometimes logs are getting generated which shows memory issues and maximum times it stops without any server logs.
I have deployed the REST API using java -jar

2 months ago
So I tested posting the new entity at 2020-05-27 14:15:20 UTC:

Before persist: null
getter: 2020-05-27T19:45:20

Means, it is done by the Hibernate using the JVM's default timezone.
2 months ago

Problems may occur if you allow the client to set fields of type LocalDate, LocalTime and LocalDateTime. In general it's not a good idea to use the same class to both represent data in your database and data received from the client. For instance, what if I POST your JSON example from Germany? First of all, why can the client POST commentId, createdAt and updatedAt at all? Those fields should be determined by the server, not the client

I have separate IN and OUT Dtos which uses mapping library MapStruct to map the IN and OUT fields. The createdAt and updatedAt are not sent by the client, those are set by the server. I removed all these details to avoid verbosity. I kept the bare minimum code.

You can find out which of the two does it by printing the value of comment.updatedAt before you save it in the repository and after you retrieve it from the repository

Yes I will check this out and post the results here.

Thanks for your time Stephan
3 months ago
This is the Comment entity:

POST operation:

GET operation : Repository, controller and service methods:

This is all I am doing apart from setting spring.jpa.properties.hibernate.jdbc.time_zone = UTC into the application.properties file. I have done nothing manually to change or manipulate the timezones.

So, I commented on 2020-05-02 06:49:53 and the createdAt time got saved into DB was 2020-05-02 01:19:53. Then I retrieved the comment and the createdAt recieved was 2020-05-02T06:49:53 which is rightly converted IST timezone which is UTC+5:30

 "commentId": 110,
 "content": "comment at 6:49:55",
 "createdAt": "2020-05-02T06:49:53",
 "updatedAt": "2020-05-02T06:49:53",
3 months ago
I have spring.jpa.properties.hibernate.jdbc.time_zone = UTC set into my project's application.properties file and it's also working fine. I am into IST timezond and when I POST data to my REST API, the UTC gets saved into the database. And when I fetch the data from my REST API, I can see the UTC being converted to `IST` automatically.

How does this happen internally? Does anything depend on the system's JVM timezone? What would happen when I deploy my REST API and the Database to AWS instance?
I am worried if this would work if I go into production. As of now, everything is local to my system.

Guidance, please.
3 months ago
Problem solved using javax.validation.Validator.validate(object) which gives the failed constraints.
7 months ago

Claude Moore wrote:In Spring Boot  you could annotate with @Validated your @Service class to get all @Valid annotated params in methods to be validated.

That changes the returned response. The "object" and "field" returned in the JSON are different with @Validated. The "object" now contains "myUserService" and the "field" conatins "myUserService.nethod.name"
7 months ago

Salil Wadnerkar wrote:@Valid is processed by Spring MVC for MVC controllers, not for any other classes.
This is so that it can return a bad request (400) error on these validation failures automatically.

What solution do we have then? I want to validate the object in exactly same manner as Spring does. Does spring provide any support for that?
7 months ago
I am having this UserDto class which I want to put under @Valid

I have some requirements where I can't put validation on controller method, but I need to do it on the service method.

But this is not working. And if I put @Valid on the controller method, I do get the validation errors as expected.
Why so? Does serialization/deserialization has something to do with valition?
7 months ago
Thanks Stephan.
Suppose in future, I want to grant few users some extra permissions. Like you are the Author of the Spring forum, so you have some extra permissions.
In the same manner, users of my website would be granted special permissions based on their points.

How this is handled? ACL?
1 year ago
Suppose I have two entities User and


which are having One-to-Many relationship.
Now, User theCoder created an article - "How to ask question?" . Article got saved in Article table with foreign key theCoder.
Now, another user theHacker logged into the application from somewhere and read the "How to ask question?" article. Now, he/she tried to perform delete/update actions on the article, which they are not allowed to. Only the owner of the article can delete/update the article.

How should I achieve this?

One way is to check the principle(logged in user's username) and then compare the user who create that article. If they match, delete/update the post otherwise throw 403 unauthorized.

But that would be a lot to do in multiple controllers. Is there something handy provided by the Spring security?

I looked for it and there is ACL security, but I don't understand if it's the one I am in use of. Nor there are some good articles/blogs/tutorials found on the web.
1 year ago

Stephan van Hulst wrote:Why are those three sub-modules POM projects?

Sorry, typo it was. All those three are jar projects
1 year ago

Stephan van Hulst wrote:No, <dependencyManagement> only configures dependencies, it doesn't include them.

Regardless, what you want isn't possible and doesn't make much sense. You can't use a JAR project as a parent, and declaring dependencies in a POM project doesn't make sense of you don't want to include them in child modules.

actually it's a multi module maven project.

sample-common contains some common classes/operations to the other two modules.
sample-persistence contains Database entities other other persistence related stuff.
sample-rest contains the Controllers and other stuff for creating REST API.

These all three modules are <packaging>pom</packaging>

The dependency I use in sample-common, I don't want them to include in the other two modules. How do I achieve this?
1 year ago
I am having this pom file in one of the module of a multi-module maven project.

I want the validation-api to be included in my sample-common module only, and not in its child modules and that's why I declared it in <dependencyManagement>. But putting it this way, doesn't even include the validation-api in the sample-common. It's not even brining dependencies in this module.

What is the correct way then?
1 year ago