Technical details of review the doctors


Technical Objectives

  1. To learn Spring data JPA
  2. To learn Spring security.
  3. To learn Spring MVC.

Technology stack

Revewthedoctors uses the following technologies:

  1. Backend Programming Language:Java Core + Java EE
  2. Backend Framework:Spring framework (Spring core , Spring MVC , Spring security, Spring data JPA+Hibernate)
  3. Database:My SQL.
  4. Build Automation and dependency management:Gradle
  5. Frontend CSS Framework: Material design lite
  6. Frontend javascript framework:Jquery

Block Diagram

Block Diagram of the application revewthedoctors.

Presentation layer:

Spring, JSP, jquery and CSS has been implemented in the presentation layer.Only DTOs are exposed to this layer and entities are not

The reason for using both Spring and Jquery in presentation layer

Initially as I wanted to learn Spring MVC properly, I programmed the entire application using Spring MVC. However, later I could see how tightly coupled my application became because of which I started changing the code little by little. Hence I refactored some of my controllers and instead of sending model attributes to the presentation layer , they use @ResponseBody to send the response to the presentation layer where they are handled using jQuery. This manner of sending and receiving response could make integrating mobile applications seamless. However as I have made extensive use of HTTP Sessions using Spring Security , I still need to find a workaround so that mobile applications can be integrated effortlessly.Nonetheless by using jQuery and JSON , I have somewhat achieved a level of decoupling. In coming phases of the development I will completely remove Spring from my presentation layer.But now the some part of view layer uses Spring while the remaining use jQuery.


Controllers help in bridging view and API layer.

Objects that are exposed to controller :DTOs and API classes.

Objects that are not exposed to controller : Entities and Repositories


API layer helps in bridging Repositories and Controllers.

Objects that are exposed to controller: DTOs , Entities, Repositories


They are JPA repository and have queries for manipualting data in the database.

Objects that are exposed to Repository: Entities

Objects that are not exposed to Repository: DTOs, APIs , Controllers

Entity relationship diagram

Entity relationship diagram of revewthedoctors


There are two types of users in reviewthedoctors namely users and admins.

Admin:Admins can create and view all the entities.They have ADMIN_ROLE as their authority which is used while securing URLS using Spring Security.

User: Similarly Users can search review/doctors, check their review feed, make reviews about doctors and rate them aswell. They have USER_ROLE as their authority which is used while securing URLS using Spring security.


Directory structure of project uploaded to github
Directory structure after running ‘gradle build’ command.
  1. .git: This folder is related to git and contains information about version control system such as branches, index and so on
  2. .gradle: This folder is related to gradle and the tool uses for caching.
  3. .settings: This folder is related to eclipse IDE and is not uploaded to git.j
  4. bin: The complied bytecodes of java classes are stored in this folder.
  5. gradle: Contains gradle-wrapper.jar and
  6. src : This folder contains java source codes, jsp pages , js files , css files , spring configuration files and so on.
  7. .classpath: File related eclipse IDE. Classpath is like environment variable of JVM.
  8. .gitignore : It contains the files and folders that are supposed to be ignored while committing in git. Its content is as follows
# Package Files #

9. .project: This is related to Eclipse IDE.

10. build.gradle: This file is related to Gradle. Its content is as follows

apply plugin: ‘war’
apply plugin: ‘eclipse-wtp’
repositories {
dependencies {
 runtime “mysql:mysql-connector-java:5+”
 compile “org.slf4j:slf4j-api:1.7.18”
 compile “javax.servlet:jstl:1.2”
 testCompile ‘junit:junit:4.12’
 compile ‘’
 compile ‘org.springframework:spring-webmvc:4.2.8.RELEASE’
 compile ‘’
 compile ‘’
 compile ‘javax.servlet:javax.servlet-api:3.0+’
 compile ‘cglib:cglib-nodep:2.2.2’
 compile ‘org.aspectj:aspectjrt:1.6.12’
 compile ‘org.aspectj:aspectjweaver:1.6.12’ 
 compile “org.hibernate:hibernate-entitymanager:4.3.10.Final”
 compile “org.hibernate:hibernate-core:4.3.10.Final” 
 compile “org.hibernate:hibernate-validator:5.1.3.Final” 
 compile ‘javax.el:javax.el-api:2+’
 compile ‘com.fasterxml.jackson.core:jackson-core:2+’
 compile ‘com.fasterxml.jackson.core:jackson-annotations:2+’
 compile ‘com.fasterxml.jackson.core:jackson-databind:2+’

11. These files are gradle files that are used in executing build of the project when using gradle wrapper.

12. settings.gradle: This file is also related to gradle and is basically used to configure a project as multi module project and so on.

src/main folder


It contains .java files.

Base Package Naming convention: com.reviewthedoctors


Entities of the project .

It contains Entities of the project which are all annotated with javax.persistence.Entity. These entities are exposed in just apis and repository layers.This package is scanned and the required configuration is mentioned in src/main/resources/spring-config.xml as follows

<bean id=”entityManagerFactory” class=”org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean”>
<property name=”dataSource” ref=”dataSource” />
<property name=”jpaVendorAdapter” ref=”jpaVendorAdapter” />
<! — spring based scanning for entity classes →
<property name=”packagesToScan” value=”com.reviewthedoctors.model.entity” />

com.reviewthedoctors.model.dto package

classes inside dto package

This package contains data transfer objects which are used to transfer data from APIs to controller and vice versa. Furthermore these DTOs are also used to transfer data from controller to view layer and vice versa.

com.reviewthedoctors.model.enumconstant package

This package contains all Enum constants that are related to this application

com.reviewthedoctors.repository package

Classes inside repositories folder

This package contains JPA repositories. All these repositories extend CRUD Repository. The required configuration for this is at src/main/resources/spring-config.xml as follows:

<jpa:repositories base-package=”com.reviewthedoctors.repository” />

com.reviewthedoctors.api package

Interfaces inside api package

I have made an extensive use of Interfaces. For every API classes there are corresponding interfaces. While injecting dependencies of APIs to controllers, it is done through these APIs which ensures lose coupling.

com.reviewthedoctors.api.impl package

Classes inside api.impl package

This is the service layer of the project and they are injected inside controllers. They are annotated with @Service annotation. The configuration for this package is at spring-config.xml which is as follows:

<context:component-scan base-package=”com.reviewthedoctors” />

com.reviewthedoctors.controller package

Classes inside controller package

All these controllers are annotated with @controller annotation. Similarly all the interfaces of service layers are autowired inside these controllers.

Admin Controllers:

All Controllers that begin with the word Admin are used for admin controllers.

  1. AdminDoctorController
  2. AdminDocumentController
  3. AdminHospitalController
  4. AdminLocationController
  5. AdminMainController
  6. AdminReviewController
  7. AdminSpecialityController
  8. AdminUserController

User Controllers

  1. ReviewerController
  2. SearchControllers

Other Controller

  1. Main controller: It contains methods to serve pages that arenot any user specific. For instance Signup page , login page, error pages and so on. package

It contains a class that handles request when ever authentication succeeds.It contains a class WebAuthenticationSuccessHandler class that extends SimpleUrlAuthenticationSuccessHandler. Moreover it implements the following method:

public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws ServletException, IOException {

This method handles request after a user is successfully authenticated.

com.reviewthedoctors.util package

It contains utility classes such as ConvertUtil, Session Util and String Constants

Utility classes inside util package.


This is a utility class that converts DTOS to entities and entities to DTOs.

Convert util : a class for conversion.

SessionUtil class

This class retrieves Authentication object from SecurityContextHolder and returns com.reviewthedoctors.model.entity.User object that is the user in the session from the method getCurrentUser().

StringConstants class

In order to improve performance commonly used strings are declared under String constants as static and final. package

This package contains a test class which is a blank class. This package is a dummy package and will later be used to test different machine learning algorithms such as Logistic Regression or SVM in order to perform sentiment analysis in the reviews of the doctor.

com.reviewthedoctors.initialization package:

This package contains a class Initializor that populates default values of various entities in database.It is created as follows:

<bean id=”initializor” class=”com.reviewthedoctors.initialization.Initializor” init-method=”init”/>

The init method populates values in various tables in the database.The details are as follows:

Country table:A country named Nepal is added.

Zone table:A Zone named Bagmati is added.

District table : A District named Kathmandu is added.

City table : A city named Kathmandu is added.

Speciality table :Speciality name Pulmonologist with chest as speciality category is added.

Hospital table: Hospital named ‘Grande International Hospital’ is added.

User:One user and one admin is added.


Name: admin admin admin


Password: ‘test’

authority: ADMIN_ROLE


Name: Srija Pokhrel


Password: ‘test’

authority: User_ROLE

Doctor Table A Doctor with following details is added.

FirstName: Arjun

MiddleName: Kumar

LastName: Karki


Hospital:Grande International Hospital.

src/main/resources folder


This is the xml file that is supplied as a initial parameter to Dispatcher servlet in web.xml as follows:

This file has all the required configurations for the web application such as

  1. annotation configuration to serve static resources, transactions and other components.
  2. Configuration for datasource
  3. Configuration for jpa repositories, services and controllers.
  4. Configuration of InternalResourceViewResolver.
  5. Configuration for jpaVendorAdapter.
  6. Configuration for entityManagerFactory.
  7. Configuration for transactionManager.

Apart from these configuration this xml file also imports the following xml files:


This xml file handles security of the overall application by restricting various URLs of the application.

Intercept URLS:

  1. URLs having /reviewer/** patterns are restricted for the users having authority USER_ROLE.
  2. URLs having /admin/** patterns are restricted for the users having authority ADMIN_ROLE.

Custom login form

Similarly Spring security is responsible for prompting a custom login form to the user which is /home.

Authentication Manager

Authentication manager is responsible for checking the values that are provided by users when they login. Here, the values are fetched from user table.The email attribute of the user table is the user name and password attribute of the user table is the password.Similarly authority is checked from authority attribute from the same table.

Authentication success and failure

  1. Incase a user is authenticated , the request is handled by class
  2. If a user is not authenticated then /403 page is shown.\

src/main/webapp folder

pages folder

  1. It contains JSP pages.’temp’ is a temporary folder and used to store temporary files.
  2. common has jsp files that are common to many jsp files like menu, tabs , headers and so on.
  3. module has different jsps files that are stored in different folders:

All folders except loginsignup and reviewer belong to admin. However the files inside document have not been used in this phase and will be used in later phases.


This folder contains sub-folders for the following:

  1. js files: Just like the JSP pages, all js files have also been separated in different folders.For instance, js files related to city entity is under city folder, zone entity under zone folder and so on.

2. CSS files

3. images

Overall directory structure.

URLs naming convention

CRUD of entities

For the CRUD of entities from admin side the naming convention follows a constant pattern:

Resource Name:resourcename(plural)

Action: Action to be performed is determined by HTTP verb.

The same naming convention is followed for other entities namely city, user,doctor,specialty ,hospital and review.

Similarly for delete and edit the URL names and HTTP verbs will be implemented as follows for all the entities:

Admin pages

All pages related to admin can be accessed by users with authority ROLE_ADMIN and they follow the following pattern:


User pages

All pages related to users can be accessed by users with authority ROLE_USER and they follows the following pattern:


Details about the pages and their urls are at the following location

Future Enhancements

  1. Address the issue of tight coupling by removing Spring framework in the presentation layer which might require some refactoring in the controller layer.
  2. Complete Search functionality in the reviewers’ dashboard.
  3. Add more information about related hospitals and doctors in /revewthedoctors/reviewer/reviewfeed and /revewthedoctors/reviewer/myreviews pages as currently those pages look a bit empty.
  4. Exception handling should be done properly.
  5. Improve the overall design of the application and remove pictures that I have downloaded from google.
  6. Refactor the utility class ConvertUtil. I should look into APIs like Dozer or model mapper.
  7. Integrate machine learning algorithm to categorize doctors by their reviews.
One clap, two clap, three clap, forty?

By clapping more or less, you can signal to us which stories really stand out.