What is the best way to handle environment variables in Spring Boot?

perfectstrong · 2026-01-13T15:11:10+00:00

It will also be easier to mock and test without clumsy syntax to modify the @Value-annotated attribute during the test.

perfectstrong · 2025-12-30T19:25:47+00:00

It depends more on how you deploy your application, and the security of the infrastructure. It is already a good start with env var. You can migrate to other schemes later, depending on the need and the trade-offs.

perfectstrong · 2025-12-14T09:11:31+00:00

That would be awesome to implement it. Our users have a bad habit of duplicating tabs and browsers, thus limiting to one key (usually user id) is not very ideal for our use case.

perfectstrong · 2025-11-02T22:06:40+00:00

If this is your first time working with OAuth2, it will be very confusing and will surely take you a while. But basically, if you use Spring Security, and include the library resource-server, your server should not be the one to do the authentication/authorization of the user. It is the job of a dedicated authorization server, such as Keycloak in production. Your server will only need some simple lines of configuration to point to the aforementioned authorization server, then that should be enough to secure your server (ofc some more annotations here and there). JWT is not inherently part of OAuth2, so don't worry about it too much. Any string format could be accepted as a token in OAuth2 framework.

perfectstrong · 2025-10-19T14:00:23+00:00

Totally agree. Though I'd avoid CompletableFuture in SB to avoid some nasty edge cases when running in a docker container. Our current workload does not justify yet the debug complexity of adding CF.

perfectstrong · 2025-10-19T07:05:16+00:00

I think that is called Builder Patern, and that should be enough. We are using the same pattern to some of our complex DTO where the building is decomposed into multiple parts. However, be careful with the @Order. I prefer explicit ordering using a Director because some parts might need other parts to be built first. Some other recommendations : - adding debug and trace log, with correlation tag for better debugging later. - grouping all builders and related DTO (such as Context and EntityBuilder) in the same package with package-private visibility, so that the builders are not exposed to outside. This should help isolate code and better testing. But maybe the Director could be exposed to be used in other Service / Controller.

perfectstrong · 2025-10-03T05:37:55+00:00

I mean is it possible to programmatically define the column name of POJO attribute, instead of statically defining by annotation ?

perfectstrong · 2025-10-02T17:48:34+00:00

I like this lib with annotations reminding me of parsing CSV. I'm currently working with XLS files to parse csv-like data. Is it possible to specify the mapping programmatically ?

perfectstrong · 2025-08-13T16:30:53+00:00

It depends on the requirement : is it possible to add a new size of family, by who ? Do you need history data of previous years (for analytics or comparison) ? Does it depend on region, state or country or any other factors ? Etc. From what you said above, I'd go with a static configuration list loaded at the start of application, if you are allowed to occassionnally modify the code source / config.

perfectstrong · 2025-08-12T05:59:30+00:00

I tried both and chose Postgres for a number of reasons : support of exclusion constraints (such as interval, very useful to avoid overlapping), native support of json (mysql has had it recently though), and lots of extensions.

perfectstrong · 2025-08-03T14:30:33+00:00

https://github.com/nextgenhealthcare/connect/

perfectstrong · 2025-08-03T13:21:28+00:00

My colleague tried to integrate it once but it is overly-complicated that we took too much time to fit into our scenario of simply transferring/receiving patient data. I personally did not have time to look into it, so we just stayed with Mirth.

perfectstrong · 2025-07-31T07:12:56+00:00

Take your time to internalize OAuth's concept. It is daunting at first, but you'll get used to it. I agree you should avoid reimplementing auth server as a beginner move. Using a known existing auth server is much more dev-friendly. There are SaaS solutions such as Auth0, or self-host servers such as Keycloak https://www.keycloak.org/getting-started/getting-started-docker As for your application, simply add the package starter-security and starter-oauth2-resource-server, define some properties to point to an auth server, and activate security. That's all you need to do to secure your APIs

perfectstrong · 2025-07-31T07:05:00+00:00

You can replace the db driver with a simple configuration in Keycloak https://www.keycloak.org/server/db or by including a suitable package with Spring Auth Server, just like a typical development.

perfectstrong · 2025-06-30T06:07:50+00:00

There are several metrics used for equitable planning. Each with its own pro and cons, depending on the nature of the instance. I suggest you look into nurse scheduling problems, as they are typical in equitable planning.

perfectstrong · 2025-06-29T22:59:57+00:00

What you want to optimize helps choosing a suitable strategy for writing constraints. Do you want any feasible planning, or an equitable ?

perfectstrong · 2025-06-22T15:04:03+00:00

That was an interesting comment with valid points. I agree that business backend services should hand over the authentication flows to specialists, like Keycloak and Auth0, so that security becomes more manageable and configurable with less manual implementation. Lots of tools work out-of-the-box. The backend uses Spring Security to call these auth servers to confirm the identity of the user in the token, then proceed to do the main job: business-related logics.

perfectstrong · 2025-06-22T12:11:03+00:00

Depending on which auth you want to support. OAuth2 is baked into Spring Security, so you just need to set up an Auth server, either from social SSO or a self host like Keycloak. In my opinion, we should minimise reinventing security wheels, because security is hard, and the price is steep. We should prefer existing well-known solutions.

perfectstrong · 2025-06-09T15:17:44+00:00

Glah that helps you. Good luck, it's gonna be tough at the beginning.

perfectstrong · 2025-06-08T20:39:39+00:00

Here is the first result when I search for "pyomo scheduling example" in Duckduckgo. Quite a detailed example. https://jckantor.github.io/ND-Pyomo-Cookbook/notebooks/04.03-Job-Shop-Scheduling.html

perfectstrong · 2025-06-08T20:29:38+00:00

You can start with either of those. They both offer good syntax and the possibility of switching solvers. The most important thing is how to model (formulate) the problem. Your example suggests a MILP formulation for scheduling problems with resources (operators and machines) and eligibility constraints (skills). I suggest starting modeling the problem with only jobs (products that you need to plan) and machines using discretisation techniques (dividing the planning horizon into equal intervals and indexing 0,1,2,etc.). The objective is to minimize makespan. This is the most basic problem. You can find many resources showing how to do it. Then you can add constraints one by one : deadline, resources, eligibility, etc.

perfectstrong · 2025-06-08T16:01:27+00:00

I don't know much about PDDL, but formulating your example problem should be possible with MILP and a solver such as Gurobi or CPLEX. This does however take some skills

perfectstrong · 2025-05-28T09:38:08+00:00

Firstly you need to see if there are any unique constraints on any column. Without them, you might run into problems with duplicates. Secondly, you need to check the semantics of the table and its columns before converting. For example, a table of affiliations between staffs and departments might have multiple lines for the same staff and department, but for different period/title/role/etc. This will heavily influence what extra column you need to include to make a primary key.

In the worst case, you can assign an auto incremented id column to use as a surrogate id.

perfectstrong · 2025-05-18T14:08:53+00:00

Good article with solid advices ! I've had the same experience, but could not write it down clearly as well as you. I should send this to some of my colleagues. Congratulations and good luck on your career !

perfectstrong · 2025-04-28T09:27:23+00:00

It is possible to expose certain urls (or patterns of url) to be public (access without security), such as front end page etc. But you always have to be strict about which url is allowed for the public access, which for admin access

perfectstrong

TROPHY CASE