• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
  • Mikalai Zaikin

Java and Spring Interview Questions Asked

A Tham
Posts: 19
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi! I was asked the following questions during an interview and here are my answers. The interviewer was not satisfied with my answers. I hope you can guide me to the right answers.

Q1) What is the difference between Spring and Spring Boot?

My Answer: Spring Boot can be compiled as a jar file with Tomcat as a plugin jar to run together. Spring usually is compiled as a war file and run in the webapp directory.

Spring Boot has hot code replacement. Meaning: HTML file can be edited in an IDE and just reload the webpage in the browser, without re-compiling and restarting Tomcat. Spring cannot do that.

Spring Boot does not require many configurations that Spring requires. <But I was asked what kind of configurations but I couldn't answer>.

I did not have any more suggestions to give and the interviewer was not satisfied.

Q2) For an API, what security would I implement to ensure that the requested client is legitimate and not some attacker.

My Answer: Use a pre-agreed token consisting of a hash to be places the HTTP request header to ensure the client is legitimate. All other requests are denied if the wrong token was used or no token was given.

The interviewer was not satisfied with my answer.

Q3) What do I do if there is an DDOS attack to the API?

My answer: Use a CSRF token. A randomly generated alpha-numeric token between requests and response.

Again, he was not satisfied.

I hope someone can advise on these questions so that I can learn from my mistakes.

Thanks in advance.
Peter Rooke
Posts: 1156
Mac OS X IntelliJ IDE Oracle Spring VI Editor Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
For the spring and spring boot answer, I'll say something like:

"Spring is a framework which uses dependency injection which typically helps to configure an application in a flexible, maintainable way".  You could then talk about loose coupling, and high cohesion and even venture into SOLID principles, a subject you may have been asked anyway.

"Spring boot builds on top of the spring framework by providing an opinionated spring configuration which is configurable to a project's needs.  It helps to facilitate faster development".  
The harder I work, the luckier I get. -Sam Goldwyn So tiny. - this ad:
a bit of art, as a gift, the permaculture playing cards
    Bookmark Topic Watch Topic
  • New Topic