Nuwana - Software Development

 JAR  vs fat/uber JAR 01.By default, when you build a regular JAR with Maven or Gradle, your code is packaged inside the JAR, but the dependencies (external libraries) are NOT included inside the JAR itself. 02. This means, on the server where you deploy, you also need to have those dependency JARs available in the classpath for your application to run correctly. 03. However, for easier deployment, many projects use a “fat” or “uber” JAR (sometimes called a shaded JAR). This is a special kind of JAR that packages all your project classes AND all dependency classes into a single JAR file. 04. Tools like Spring Boot’s Gradle or Maven plugins can create such fat JARs using the bootJar task. That way, you only deploy one big JAR, and it has everything needed inside. Extra: When you build a JAR file using Gradle, the Gradle build files themselves (like build.gradle or settings.gradle) are NOT included inside the JAR. The JAR contains only Here’s how usually works when Jenkins and y...

  Java thread life cycle and wait/notify 01.Java Thread Life Cycle — The 6 Main States New → Runnable → Running → Blocked / Waiting / Timed Waiting → Terminated 1. New: Thread is created, but start() hasn’t been called yet. Thread t = new Thread(() -> {}); 2. Runnable: Thread is ready to run, but waiting for CPU time. t.start(); // thread goes to Runnable state 3. Running: CPU picks the thread and runs its run() method. 4. Blocked:  Thread is trying to enter a synchronized block, but another thread holds the lock. synchronized(obj) {     // if another thread is inside this block, you are BLOCKED } 5. Waiting / Timed Waiting: The thread is waiting for another thread to signal/notify it. There are two kinds:   Waiting: infinite until notify()   Timed Waiting: waits for a timeout (e.g., sleep(1000)) wait() and notify() — How They Work These are used for inter-thread communication — not locking. wait(): Tells the thread ->  “Go to ...

How HTTPS works: Phase 1: TLS Handshake (Secure Channel Setup) Phase 2: HTTPS Communication (Encrypted Data Transfer) Phase 1: TLS Handshake (Secure Channel Setup) Step 1: Client Hello  The browser (client) sends an HTTPS request to the server.  It includes:    A random number (`client_random`)    A list of supported cipher suites (e.g., ECDHE-RSA, ECDHE-ECDSA)    TLS version info  Step 2: Server Hello  The server responds with:    Another random number (`server_random`)    A selected cipher suite (e.g., ECDHE-RSA, ECDHE-ECDSA)    Its digital certificate (contains public key and domain info)  Step 3: Certificate Validation (Browser Side)  The browser verifies the server certificate:    Is it issued by a trusted Certificate Authority (CA)?    Is it not expired?    Is the domain name correct?    If valid → continue.    If not → browser shows a "connec...

Data structure and algorithms 01. Data structure Data structure means the way we used to store or hold the data (RAM or Hard Disk). Advanced: A data structure is a way of organizing and storing data in memory (like RAM or even on disk) so that we can access and manipulate it efficiently. There are some basic data Structures (several commonly used data structures): Basic data structures: Array, LinkedList, Stack, Queue, Map Advanced/complex data structures: Tree, Graph, Trie, Heap, etc. Those 2 types are the foundation/base to build most of data structures. Array: Stores data contiguously in memory (in a memory block). Fast to access by index, but resizing and insert/delete operations are expensive. Linked List: In the Link List, not matter where data has been saved. Each data may have in different different locations but in Link List, they (Node) hold the memory address (Stores elements as nodes, where each node contains the data and a reference (or address) to the next node). Singly ...

Simple definition: AOP is a way which add some behavior to a method before and after execution it. To handle the AOP behavior proxy concept has been used. Each beans which need AOP, wrap by proxy object and any incoming call is common through proxy and proxy object is handling AOP part (Normally when inject AOP beans, actually beans not inject and instead if that proxy is injecting and proxy redirect to actual methods). Optimize version: AOP is a way to apply behavior before, after, or around method execution without modifying the method itself. Spring AOP uses proxies to achieve this. Only beans that match AOP pointcuts are wrapped in proxy objects. When we inject such a bean, we are actually injecting the proxy, which intercepts method calls, applies AOP logic, and then calls the actual method on the real bean. Core Spring AOP Annotations (used in custom aspects) @Aspect --------------------> Marks a class as an aspect that contains AOP advice methods    @Pointcut -------...

  Full Federated Login Flow: Cognito + Azure AD 1. User triggers login Your app redirects the user to this Cognito URL: https://prod-timemate.auth.us-east-1.amazoncognito.com/authorize?client_id=jssams30e4gciifv89j6abc5f&response_type=token&scope=email+openid&redirect_uri=https://app.timemate.aeturnum.com%2Ftimesheet 2. Cognito redirects the user to Microsoft login (Cognito redirects to Azure AD) 3. Azure AD authenticates the user  Azure checks its own user pool for the username and password.  If the user exists and credentials are valid → login success.  Azure returns an ID token (and maybe access token) to Cognito. 4. Cognito extracts user info  Cognito reads claims from Azure’s token (like email, `sub`, name, etc.).  If this is the user's first login, Cognito creates a federated user in its user pool (linked to Azure AD). 5. Cognito issues its own token  Cognito now generates and returns a Cognito JWT token (ID token + access token) to y...

What is a BOM (Bill of Materials)? A BOM is a special kind of POM file (in Maven) that defines a set of dependencies with their versions. It doesn’t bring in the dependencies directly — it just tells the build tool which versions to use when those dependencies are needed. Avoid version conflicts, Centralize version management, Ensure all modules use compatible versions, Reduce duplication in multi-module or large projects Create and Use a BOM in a Multi-Microservice Setup Create a new Maven project for your BOM. This will be a pom-only project — not a JAR. pom.xml <project xmlns ="http://maven.apache.org/POM/4.0.0" xmlns: xsi ="http://www.w3.org/2001/XMLSchema-instance" xsi :schemaLocation ="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" > <modelVersion> 4.0.0 </modelVersion> <groupId> com.lahiru.company </groupId> <artifactId> lah...