Citi Bank Java developer Interview Question for 5+ Experienced Professional

Hello to my 16k family, welcome to another article where i will be going through the Java Tech round interview transcript in Citi Bank India. In this article you will get the actual questions and answer to prepare for interview along with my review on company. In my opinion if you are not good in DSA and ALGO and competitive programming like Leetcode. it is best to stick to Java interview where you will rarely gets asked these question they will focus on technology majorly rather than boring coding problem which will not benefits the client at the work. Let's dive in.

Ajay Rathod
10 min readJun 15, 2024

Are you preparing for a job interview as a Java developer?

Find my book Guide To Clear Java Developer Interview here Gumroad(PDFFormat) and Amazon (Kindle eBook).

Guide To Clear Spring-Boot Microservice Interview here Gumroad (PDFFormat) and Amazon (Kindle eBook).

Download the sample copy here: Guide To Clear Java Developer Interview[Free Sample Copy]

Guide To Clear Spring-Boot Microservice Interview[Free Sample Copy]

If you are experienced professional the your tech round will revolve around your experience and you may have to design, develop the peice of code or architecture. be ready for that.

If you are fresher having 0–3 years experienced just go through the topic on high level to prepare for interview.

They has started with below question.

How to Implement security in REST API?

In this question, they want us to write and design a REST API which will implement security.

To implement security in a Rest API you need to implement three things,

  1. Authentication:

Authentication involves determining who a user is. Some methods that can be used to authenticate API users include API keys, HTTP basic authentication, OAuth authentication, and Multi-Factor authentication (MFA).

2. Authorization

API authorization involves determining what an authenticated user can access and making it available to them securely. The process involves checking if the client making a request has permission to perform the requested action.

3. Auditing

Logging and auditing all client requests is a critical component of API security. It allows you to analyze incoming traffic and identify usage patterns. You can use such data to identify attacks and evaluate their impact.

All the above things can be achieved in Spring-boot framework’a spring-boot-starter-security where using Spring Security you can implement the Authentication and authorisation using jwt and oauth tokens etc.

the third point which is related to auditing and monitoring we can use spring’s Actuator end points.

below is the sample program

package com.example.securingweb;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class WebSecurityConfig {

@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((requests) -> requests
.requestMatchers("/", "/home").permitAll()
.anyRequest().authenticated()
)
.formLogin((form) -> form
.loginPage("/login")
.permitAll()
)
.logout((logout) -> logout.permitAll());

return http.build();
}

@Bean
public UserDetailsService userDetailsService() {
UserDetails user =
User.withDefaultPasswordEncoder()
.username("user")
.password("password")
.roles("USER")
.build();

return new InMemoryUserDetailsManager(user);
}
}

What are the updates in Java 8?

I really doubt people are still using java-8 in industry, but with older monolithic application it might be. but if they are asking means its being used.

Few points to remember regarding Java8 feature.

  1. Lambda Expression
  2. Function Interfaces
  3. Stream API, Optional API
  4. New Date Time API
  5. Hashmap Data structure change

How can I switch from a Postgres DB to an Oracle DB in Hibernate. List the things I have to do?

Since its the Banking tech company, expect more questions on DB side and ORM frameworks as its there bread and butter.

If you are heavily into DB you will easily crack the interview.

Lets dive what steps we can take here,

Switching from a PostgreSQL database to an Oracle database in Hibernate involves several steps:

Update the JDBC Driver: You need to replace the PostgreSQL JDBC driver with the Oracle JDBC driver in your project dependencies. If you’re using Maven, you would update your pom.xml file.

from:

<dependency>
<groupId>org.postgresql</groupId>
<artifactId>postgresql</artifactId>
<version>42.2.5</version>
</dependency>

To:

<dependency>
<groupId>com.oracle.database.jdbc</groupId>
<artifactId>ojdbc8</artifactId>
<version>19.8.0.0</version>
</dependency>

Update the Database URL: You need to update the database URL in your Hibernate configuration file (hibernate.cfg.xml) or in your Spring Boot application.properties or application.yml file.

From:

spring.datasource.url=jdbc:postgresql://localhost:5432/mydb

To:

spring.datasource.url=jdbc:oracle:thin:@localhost:1521:mydb

Update the Dialect: Hibernate uses the concept of dialects as the SQL variant spoken by a particular RDBMS. You need to update the dialect in your Hibernate configuration.

From:

spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQL95Dialect

To:

spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.Oracle12cDialect

Update the Database Username and Password: You also need to update the username and password to match your Oracle database credentials.

spring.datasource.username=oracle_username
spring.datasource.password=oracle_password

Update SQL Queries: If you have any native SQL queries in your application, you may need to update them to be compatible with Oracle SQL syntax.

Schema Migration: If you’re switching databases, you’ll also need to migrate your schema and data from PostgreSQL to Oracle. This can be a complex process and might involve using a database migration tool.

Do you know the singleton design pattern? Write an example of a class using the singleton pattern?

You will get at least one question from Design pattern, Singleton will be the one 90% time if you are lucky,

public class Singleton {
// The private reference to the one and only instance.
private static Singleton uniqueInstance;

// An instance attribute.
private int data = 0;

/*
* The Singleton Constructor.
* Note that it is private!
* No client can instantiate a Singleton object directly!
*/
private Singleton() {}

// By providing a static method, you provide a global point of access.
public static synchronized Singleton getInstance() {
if (uniqueInstance == null) {
uniqueInstance = new Singleton();
}
return uniqueInstance;
}

// Adding a set data method to the Singleton.
public void setData(int data) {
this.data = data;
}

// Adding a get data method to the Singleton.
public int getData() {
return this.data;
}
}

How can I replace many if-else statements checking string equality with cleaner code, without using If or Switch statements. Write the code?

I have below approach, let me know if you have different approach,

You can use a Map to replace many if-else statements checking string equality. Here's an example in Java

import java.util.HashMap;
import java.util.Map;
import java.util.function.Consumer;

public class Main {
public static void main(String[] args) {
Map<String, Consumer<String>> actions = new HashMap<>();
actions.put("action1", Main::doAction1);
actions.put("action2", Main::doAction2);
actions.put("action3", Main::doAction3);

String action = "action1"; // This would be the action you want to perform

if (actions.containsKey(action)) {
actions.get(action).accept(action);
} else {
System.out.println("Action not found");
}
}

private static void doAction1(String action) {
System.out.println("Performing " + action);
}

private static void doAction2(String action) {
System.out.println("Performing " + action);
}

private static void doAction3(String action) {
System.out.println("Performing " + action);
}
}

above one is not a cleaner approach, we can use strategy pattern in this regard. here is the good article on this topic by Akın Topbaş

Who receives the return value from System.exit(1)?

The System.exit(1) method in Java does not return a value to the Java program itself. Instead, it stops the Java Virtual Machine (JVM) and returns an exit status to the system that invoked the JVM.

The argument passed to System.exit() is a status code. By convention, a nonzero status code indicates abnormal termination. This returned value can be captured in most command-line interfaces (like bash or cmd) or by a parent process that spawned the JVM process.

For example, in a Unix-like system, you could run your Java program and then use the echo $? command to print the exit status of the last command (which would be your Java program if it was the last thing you ran).

In the context of System.exit(1), the 1 would be returned to the system as the exit status of the JVM, indicating that the JVM terminated abnormally.

What is the difference between an abstract class and an interface?

I think my audience knows this difference hence not writing the answer.

Can you invoke garbage collection? When you should do this? When do things get garbage collected?

In Java, you can suggest that the Garbage Collector (GC) runs by calling System.gc(), but it's just a suggestion. The JVM is not required to start garbage collection immediately. The decision is up to the JVM based on its garbage collection algorithm and the state of the heap.

System.gc();

However, it’s generally not a good practice to explicitly call garbage collection in your code. The garbage collector is highly optimized and for most applications, it’s best to let it run on its own schedule. Explicitly calling the garbage collector can often decrease performance.

Objects become eligible for garbage collection when they are no longer reachable from the root of the object graph — in other words, when there are no more references to them. This typically happens when:

  • The object’s reference is set to null.
  • The object is created inside a block and the control flow exits that block.
  • The parent object that holds the reference to the object is set for garbage collection.
  • The object is a member of a class and the class’s unload() method is called.

The actual timing of when an object is garbage collected is up to the JVM. It typically happens when the JVM determines that it needs to free up memory, but the exact details can depend on the specific garbage collection algorithm being used.

They have asked me Unit test a particular scenario?

Don't remember exact scenario but you should be ready to write a unit test for a given method.

These days they are testing your J-unit skills as well.

Few questions on git commands,

What is the difference between Git Pull and Git Fetch?

git fetch and git pull are two commands that help synchronize your local repository with a remote repository, but they do so in different ways.

Git Fetch git fetch downloads new data from a remote repository. However, it does not integrate any of this new data into your working files. Fetch is great for getting a fresh view on all the things that happened in a remote repository. After fetching, you can compare your branch with the branches on the server with git diff or git merge.

git fetch origin

Git Pull On the other hand, git pull updates your current HEAD branch with the latest changes from the remote server. This means that pull not only downloads new data; it also directly integrates it into your current working copy files. This has the potential to overwrite local changes.

git pull origin master

In Summary

  • Use git fetch to download new data from a remote repository.
  • Use git pull to download new data from a remote repository and integrate it into your local files, updating your current branch.

If you have pending changes in your working copy that you want to save, it’s safer to use git fetch until you're ready to integrate the changes from the remote repository.

Topics:

There were More questions on multithreading, collections framework, some coding questions related to java 8.

Some of them from Microservices basic questions, circuit breaker,Database questions,Design Patterns Microservices Patterns and architectural.

Constraints Database Basics, and simple sqls LinkedList algos etc

Advantage and disadvantages of Microservices.

Java 8 related questions.

Few question on Architecture of previous projects and how you used spring ,ORM framework etc.

HashMap, HashSet and Concurrent HashMap working?

These are commonly asked question, i have previously added the answers for these questions please go through these.

How to implement a caching in java?

If it's a spring project you can use Redis or Memcache cache.

They have asked me to write Java code to write a cache logic,

How you will design your previous project in Microservices if it's a monolithic service.

i have already written steps in my previous articles please go and check that.

The difference between @Service and @Component?

In Spring Framework, @Service and @Component are both annotations used to indicate that a class should be autodetected as a bean. However, they have different semantics and are used in different contexts.

@Component @Component is a generic annotation. It does not carry any special semantics, meaning that the Spring Framework does not assign any behavior to it. It's simply a way to indicate that a class is a component and should be automatically detected by the classpath scanning.

@Component
public class MyComponent {
// ...
}

@Service @Service is a specialization of @Component. It has the same functionality as @Component, but it's used in the service layer. By using @Service, you're indicating that the class is holding the business logic. So it's more about the code readability and maintainability.

@Service
public class MyService {
// ...
}

In summary, while you can use @Component and @Service interchangeably, using @Service for service beans and @Component for other beans makes your code more readable and better organized. It also better aligns with the concept of using the right tool for the right job.

Write a program to rotate an array?

public class Main {
public static void main(String[] args) {
int[] arr = {1, 2, 3, 4, 5};
rotate(arr);
for (int i : arr) {
System.out.print(i + " ");
}
}

public static void rotate(int[] arr) {
int last = arr[arr.length - 1];
System.arraycopy(arr, 0, arr, 1, arr.length - 1);
arr[0] = last;
}
}

Overall Experience and My Take on Company and interview

In-person interview is a grilling session. If they have already selected a candidate, they will simply kill time and laugh on you by asking their day to day issues.

The interview was supposed to be 1 hour but the interviewing panel appeared to be free as they conducted it for 1hr 30 min and were asking if I have some more time.

Their behavior was childish, they make faces and laugh as if there is some inside joke going on. I am glad I did not work there as the work environment didn’t appear appealing. It was way negative and demoralizing!

Thats all folks, Remember dont work here and there if you get the offer, find the place, dig deep on its work environement and then decide.

Thanks for reading

  • 👏 Please clap for the story and follow me 👉
  • 📰 Read more content on my Medium (60 stories on Java Developer interview)

Find my books here:

--

--