Debug Diaries

While working on a chatbot project based on Apache OpenNLP , we followed a microservice architecture , as the product was new and being built from scratch. We had multiple independent services that communicated internally using a custom token along with a user ticket for authentication. The custom token was time-based , valid for only one minute , and required a positive time difference.  If the client’s time was ahead of the server, the generated token would be considered invalid before it even reached the server because the server calculates the time difference as a negative value, which violates the validation rule requiring a positive time difference within one minute . A request would be processed successfully only if both the custom token and the user ticket were valid. If either validation failed, the request would return an error response . We deployed all microservices on a centralized high-performance server , allowing each service to run independently. During develo...

Today, we're going to discuss a simple bug that marked the beginning of my learning journey. It may seem basic now, but for someone from a humble background who had never even touched a computer, it was a significant challenge. Looking back, it might not seem like much, but it holds a special place in my heart as the starting point of my growth. In the early days, we used the Common ClassLoader ( tomcat/lib ) for all web applications (contexts). Let's assume we had two contexts named app1 and app2 —both applications' JAR files were placed in the common class loader, allowing them to access each other's classes. From a security perspective, this approach was not ideal. To address this, we switched to using the WebApp ClassLoader ( tomcat/webapps/app1/WEB-INF/lib/ ), ensuring isolation between applications. We maintain a HashMap that stores user details against a unique ID retrieved from cookies. If no entry exists for the given ID, we check the database to see if there ...