DAILY NEWS

Stay Ahead, Stay Informed – Every Day

I Built an AI Agent Orchestrator Where Gemma 4 Only Knows What You Teach It



This is a submission for the Gemma 4 Challenge: Build with Gemma 4

What I Built

GemmaOrch is a skill-based AI agent orchestrator: you define what an agent knows by dropping Markdown files into a folder, assign those skills to a named agent, and chat with it. The agent powered by Gemma 4 will only answer within the boundaries of those files — it refuses anything outside scope with a precise phrase, never hallucinates expertise it wasn’t given.

The core idea: agent behavior lives in .md files, not in code. No prompts hardcoded in the application. No domain logic baked into the service layer. The skill files are the agent.

What it solves: building specialized AI assistants usually means either fine-tuning a model (expensive, slow to iterate) or writing complex prompt engineering into your codebase (brittle, hard to maintain). GemmaOrch separates the two concerns — the orchestration logic stays in Java, the expertise lives in plain Markdown that anyone can read and edit.

Key features:

Skill-driven agents — each agent’s system prompt is built entirely from its assigned skill files at runtime.
GitHub skill importer — paste a public GitHub folder URL and GemmaOrch fetches every .md file recursively, creating the skill locally.
Streaming chat — token-by-token streaming via Spring WebFlux, rendered as Markdown client-side.
MCP server — every agent is automatically exposed as a JSON-RPC 2.0 tool on POST /mcp, callable from Claude Code, Cursor, or any MCP-compatible IDE.
REST API — POST /api/chat/{agentId} for integrating agents into external services, with a one-click “Copy curl” button in the UI.
Zero infrastructure — H2 file-based database, no external services required beyond the AI Studio API key.

Built with: Java 25 · Spring Boot 3.5 · Spring AI 1.1.5 · Thymeleaf · HTMX 2.0

Demo

The app runs locally — see the Quick Start in the repo or the Docker section to spin it up in two commands.

Dashboard — 3-panel layout (skills · main · agents):

Creating and importing skills:

Chatting with a skill-scoped agent:

API Access panel — copy the curl command directly from the agent detail view:

Agents as MCP tools in the IDE:

Code

Repository: Bzaid94/gemmorch-agents

How I Used Gemma 4

I used the gemma-4-31b-it model — the 31B dense instruction-tuned variant — via Google AI Studio through Spring AI’s spring-ai-starter-model-google-genai.

Why the 31B dense, specifically:

The project enforces a hard constraint: agents must refuse anything outside their assigned skills and must do so with an exact phrase. This is a correctness requirement, not a quality preference — if the constraint breaks, the product doesn’t work.

I tested smaller variants first. The 4B model followed the constraint most of the time, but would occasionally drift: offering “related” information outside its skills, or partially revealing the system prompt when directly asked. With the 31B dense, these failures essentially disappeared. The constraint held reliably across multi-turn conversations and adversarial inputs.

Two specific things the 31B unlocked that smaller models couldn’t deliver consistently:

Long-context constraint adherence. A single agent’s system prompt can carry 10,000+ tokens of skill content (multiple skill files, each with reference documents). The 31B model kept the opening STRICT CONSTRAINTS block in effect even with extensive context following it — smaller models would silently “forget” early instructions as context grew.
Role disambiguation. Many skill files written for Claude Code or agentic CLI tools contain dispatch instructions like “invoke subagent X” or “request tool Y.” Injected directly into a system prompt, smaller models would sometimes output those templates literally. The 31B correctly understood the meta-instruction — “you are the agent being invoked, not the orchestrator invoking agents” — and applied the skill knowledge directly instead of outputting workflow templates.

Why not the 26B MoE? The MoE variant optimizes for throughput across concurrent requests. GemmaOrch is a single-tenant orchestrator where precision per response matters more than requests-per-second. The dense model’s full parameter activation per token is worth the inference cost for this use case.

Why not the 4B? For a general assistant or creative tool, the 4B is genuinely capable and would be my first choice to keep costs and latency low. But when “breaking the constraint” is a correctness failure — not just a quality degradation — the extra capacity of the 31B is justified.

The open-weights advantage: Gemma 4 is open. The application is architected so the model is an environment variable — swap AI Studio for a local Ollama instance and nothing else changes. For users with sensitive skill content (internal knowledge bases, proprietary processes), self-hosting is a real deployment path, not a future promise.

Switch from AI Studio to self-hosted in one line:

spring.ai.google.genai.chat.options.model=gemma-4-31b-it

Or run locally with Ollama:

ollama run gemma4:31b

Source: https://github.com/Bzaid94/gemma-agents-orchestrator.git · License: Apache 2.0



How We Built ElderEase: An AI-Powered Healthcare Platform for Seniors


Healthcare technology is often built for hospitals and professionals — not for elderly individuals trying to live independently.

That realization inspired us to build ElderEase, an AI-powered healthcare monitoring platform designed specifically for seniors and caregivers.

Our goal was simple:

Make healthcare monitoring accessible
Simplify health insights
Support preventive care
Reduce caregiver stress
Help seniors live more safely and independently

In this article, we’ll share:

the problem we tackled
the technologies we used
how we implemented real-time monitoring
challenges we faced
lessons we learned while building ElderEase

Millions of elderly individuals live independently without continuous medical supervision.

Small changes in health conditions like:

low oxygen levels
sudden fever spikes
abnormal heart rate

can go unnoticed until they become serious emergencies.

At the same time, many seniors struggle with healthcare applications that are:

overly technical
difficult to navigate
not designed for accessibility

Caregivers also face difficulties monitoring multiple patients and responding quickly during emergencies.

We wanted to build a system that was:

simple for seniors
helpful for caregivers
proactive instead of reactive
accessible and easy to understand

That became the foundation of ElderEase.

What is ElderEase?

ElderEase is a real-time healthcare monitoring platform for elderly individuals and caregivers.

The platform combines:

real-time vitals monitoring
emergency detection
AI-assisted health insights
caregiver alerts
health trend visualization
accessibility-focused UI/UX

The system monitors:

❤️ Heart Rate
🫁 SpO₂ (Blood Oxygen)
🌡 Body Temperature

and transforms raw health data into understandable and actionable insights.

🔴 Real-Time Monitoring

Continuous monitoring of:

heart rate
oxygen saturation
temperature
health trends
risk levels

🚨 Emergency Detection

The platform instantly detects abnormal conditions and triggers caregiver alerts for faster response.

🧠 AI-Assisted Health Insights

Instead of displaying confusing technical data, ElderEase generates:

simplified health explanations
preventive recommendations
easy-to-understand summaries

This helps seniors better understand their own health conditions.

👨‍👩‍👧 Caregiver Dashboard

Caregivers can:

monitor multiple patients
track alerts
view patient trends
manage personalized thresholds
respond to emergencies quickly

📊 Health Trend Visualization

Interactive charts help visualize:

vital fluctuations
historical trends
risk score patterns
monitoring summaries

💊 Medication Reminders

Reminder systems help elderly users maintain medication schedules consistently.

♿ Accessibility-Focused Design

We designed the platform with:

clean UI
large readable components
simple navigation
calm visual hierarchy
minimal complexity

Accessibility and usability were major priorities throughout development.

We used a modern full-stack architecture for scalability and real-time monitoring.

Frontend

React.js
Tailwind CSS
Chart.js

Backend

Database

Real-Time Simulation

AI Integration

Deployment

Version Control

ElderEase follows a real-time event-driven architecture.

Step 1 — Health Data Simulation

We used Node-RED to simulate wearable IoT devices generating:

heart rate
SpO₂
temperature data

This allowed us to test and validate the system without requiring physical hardware.

Step 2 — Backend Processing

Our backend built with Node.js + Express:

receives incoming health data
validates vitals
calculates risk scores
detects abnormal conditions
triggers alerts

Step 3 — Database Storage

We used MongoDB to store:

patient records
health history
alerts
monitoring logs
trend data

This creates the foundation for future predictive analytics.

Step 4 — Frontend Dashboards

The React frontend provides:

patient dashboards
caregiver dashboards
real-time charts
health summaries
emergency alerts

The UI is fully responsive across devices.

Step 5 — AI Insights Layer

The AI layer analyzes vital trends and generates:

human-readable health insights
preventive recommendations
simplified risk explanations

Our goal was to make healthcare information understandable instead of overwhelming.

Designing for Elderly Accessibility

One of our biggest challenges was balancing:

functionality
simplicity
accessibility

We constantly redesigned components to make the platform easier for seniors to use.

Managing Real-Time Data

Synchronizing:

Node-RED
backend APIs
database updates
frontend rendering

required careful system planning.

Simplifying AI Responses

AI-generated healthcare information can become highly technical very quickly.

We worked on making responses:

calm
understandable
actionable
non-technical

especially for elderly users.

Scalability Planning

We wanted ElderEase to remain scalable for future:

IoT integration
wearable sensors
predictive analytics
remote healthcare systems

So modular architecture became very important during development.

This project taught us that healthcare technology must be:

human-centered
accessible
understandable
proactive

We learned:

the importance of accessibility-first design
how real-time healthcare systems operate
how AI can improve understanding
how preventive healthcare systems can reduce emergencies
the value of designing technology with empathy

Most importantly, we learned that meaningful software should improve people’s lives in practical ways.

We plan to continue expanding ElderEase with:

🔌 Real IoT Integration

ESP32 support
wearable health devices
real sensor monitoring

📈 Predictive Analytics

Machine learning models for:

early risk prediction
anomaly detection
preventive healthcare insights

🎙 Voice-Based Interaction

Voice-enabled accessibility for seniors.

🌐 Multilingual Support

Making the platform accessible to more communities.

🏥 Healthcare Deployment

Potential deployment in:

senior care centers
assisted living communities
remote healthcare systems

ElderEase focuses on:

preventive healthcare
independent living
caregiver support
accessibility
early intervention

We believe healthcare technology should not only be intelligent — it should also be compassionate, inclusive, and easy to use.

👩‍💻 Aadya Patel: Frontend & AI/ML Systems

👨‍💻 Anish Kushwaha: Backend & API Systems

👩‍💻 Ananya Mishra: Database & Monitoring Systems

🔗 GitHub Repository

ElderEase GitHub Repository

🌐 Live Demo

ElderEase Live Demo
ElderEase Vercel Deployment

Building ElderEase taught us that meaningful technology is not just about advanced systems — it’s about accessibility, empathy, and real-world impact.

We believe healthcare technology should help people feel safer, more independent, and more supported.

This is only the beginning for ElderEase, and we’re excited to continue improving the platform with real IoT integration, predictive analytics, and accessibility-focused innovations.

“Because every heartbeat deserves timely care.” ❤️

If you enjoyed this project or have suggestions for improving ElderEase, feel free to connect with us or contribute to the project on GitHub.

We’d love to hear your feedback. 🚀



Cookie based authentication & authorization in ASP.NET Core explained


Video – https://youtu.be/GhZLi8pBJow?si=mnIVpCke9OJBMFoJ

Services for Authentication and Authorization

Authentication Service

Maintains multiple authentication schemes
Uses the cookie handler to build a ClaimsPrincipal from the cookie and to set up request redirection for login, logout, and access denial
Add the cookie authentication service to the DI container using the following

// Add Cookie Authentication service
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.LoginPath = "/Account/Login"; // Specify the path to the login page
        options.AccessDeniedPath = "/Account/AccessDenied"; // Specify the path for access denied
        options.ExpireTimeSpan = TimeSpan.FromMinutes(60); // Set the cookie expiration time
        options.SlidingExpiration = true; // Enable sliding expiration
    });


AddAuthentication adds the authentication service to the DI container. It also specifies the default authentication scheme (Cookies).
AddCookie provides a cookie authentication handler for the Cookies authentication scheme.

Authorization Service

Evaluates the ClaimsPrincipal’s claims against authorization policies to determine if the request is authorized
Add the authorization service to the DI container using the following

builder.Services.AddAuthorization(options =>
{
    // Define a rule named "AdminOnly"
    options.AddPolicy("AdminOnly", policy =>
        policy.RequireRole("Admin")
              .RequireClaim("EmployeeId"));
});


The above code adds a policy named AdminOnly alongside the default policies provided by the authorization service

A Request’s Journey for cookie-based Authentication and Authorization in dotnet

Phase 1 – Authentication middleware (for Identification)

Authentication middleware identifies the visitor by extracting the ClaimsPrincipal from the cookie and attaching it to HttpContext

Authentication middleware is added to the request pipeline using the following

app.UseAuthentication();


Steps

Middleware asks the Authentication Service (configured via AddAuthentication) for a ClaimsPrincipal (user).
Authentication Service calls the Cookie Handler. It decrypts the cookie (using Data Protection Provider) and creates a ClaimsPrincipal
The created ClaimsPrincipal is attached to HttpContext.User. The request moves to the next middleware.

Phase 2: Authorization middleware (for Permissions check)

Authorization middleware evaluates the identified ClaimsPrincipal’s claims and redirects the request to login or denies the request if claims don’t meet the authorization requirements
Authorization middleware is added to the request pipeline using the following

app.UseAuthorization();


Steps

Authorization middleware checks the endpoint for attributes like [Authorize] or a specific policy (e.g., [Authorize(Policy = "AdminOnly")]).
Authorization middleware asks the Authorization Service (registered via AddAuthorization) to evaluate the ClaimsPrincipal’s claims against those rules.
Based on that evaluation, the system executes one of three paths:

Path A: User is Not Logged In (Challenge the request)

Condition: The authorization policy requires a user, but HttpContext.User is anonymous.
Action: The Authorization middleware triggers a Challenge by calling the ChallengeAsync method on the Authentication service.
Execution: Authentication service delegates the Challenge execution to Cookie Handler, which modifies HttpContext.Response for a 302 Redirect to LoginPath. The pipeline short-circuits.

Path B: User has Wrong Permissions (Forbid the request)

Condition: A ClaimsPrincipal is present, but its claims fail the requirements of the authorization policies.
Action: The Authorization middleware triggers a Forbid by calling the ForbidAsync method on the Authentication service.
Execution: Authentication service delegates the Forbid execution to Cookie Handler, which modifies HttpContext.Response for a 302 Redirect to AccessDeniedPath. The pipeline short-circuits.

Path C: Access Granted

Condition: The user’s claims satisfy all requirements in the Authorization Service.
Execution: The middleware calls next(), allowing the request to reach next middleware (like controllers).
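
Paths A and B above both end in a 302, which suits browsers but not API clients that expect a status code. The following is an added example, not code from the original article: it keeps the article's options, sets the cookie attributes explicitly, and answers requests under an assumed /api prefix with 401/403 instead of redirects (the IsApiRequest helper and the /api/reports endpoint are hypothetical).

```csharp
// Added example (not from the original article); ASP.NET Core minimal API assumed.
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);

builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie(options =>
    {
        options.LoginPath = "/Account/Login";
        options.AccessDeniedPath = "/Account/AccessDenied";
        options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
        options.SlidingExpiration = true;

        // HttpOnly and SameSite=Lax are already the handler defaults;
        // SecurePolicy defaults to SameAsRequest, so Always is the real change.
        options.Cookie.HttpOnly = true;                           // not readable from script
        options.Cookie.SecurePolicy = CookieSecurePolicy.Always;  // sent over HTTPS only
        options.Cookie.SameSite = SameSiteMode.Lax;               // withheld from cross-site POSTs

        // Path A for API callers: 401 instead of the 302 to LoginPath.
        options.Events.OnRedirectToLogin = ctx =>
        {
            if (IsApiRequest(ctx.Request))
                ctx.Response.StatusCode = StatusCodes.Status401Unauthorized;
            else
                ctx.Response.Redirect(ctx.RedirectUri);
            return Task.CompletedTask;
        };
        // Path B for API callers: 403 instead of the 302 to AccessDeniedPath.
        options.Events.OnRedirectToAccessDenied = ctx =>
        {
            if (IsApiRequest(ctx.Request))
                ctx.Response.StatusCode = StatusCodes.Status403Forbidden;
            else
                ctx.Response.Redirect(ctx.RedirectUri);
            return Task.CompletedTask;
        };
    });

builder.Services.AddAuthorization(options =>
    options.AddPolicy("AdminOnly", policy =>
        policy.RequireRole("Admin").RequireClaim("EmployeeId")));

var app = builder.Build();

app.UseAuthentication();   // Phase 1: cookie -> HttpContext.User
app.UseAuthorization();    // Phase 2: must run after UseAuthentication

app.MapGet("/api/reports", () => "admin data").RequireAuthorization("AdminOnly");
app.MapGet("/", () => "public");
app.Run();

// Hypothetical convention: anything under /api is a non-browser client.
static bool IsApiRequest(HttpRequest r) => r.Path.StartsWithSegments("/api");
```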

Setting logged in user in the cookie

The user submits credentials on the login page
The credentials are verified against a database and a ClaimsPrincipal is created to represent the logged-in user
HttpContext.SignInAsync uses the Authentication service’s Cookie Handler to set the logged-in user details (a ClaimsPrincipal) in the response cookie

await HttpContext.SignInAsync(
    CookieAuthenticationDefaults.AuthenticationScheme,
    new ClaimsPrincipal(claimsIdentity),
    authProperties);


Sign out the logged-in user

await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);


HttpContext.SignOutAsync uses the Authentication service’s Cookie Handler to expire the cookie that contains the logged-in user details (a ClaimsPrincipal), which makes HttpContext.User anonymous

Access the ClaimsPrincipal (logged in user)

After the authentication middleware derives a valid ClaimsPrincipal from the cookie, it sets the user details (ClaimsPrincipal) in the HttpContext.User object
Hence

HttpContext.User?.Identity?.IsAuthenticated can be used to determine if a request is authenticated
HttpContext.User.Identity.Name can be used to determine the logged in user name
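
An added example (not from the original article) that ties sign-in, the AdminOnly policy, and HttpContext.User together in one minimal API. The LoginForm and AppUser records, the FindUser helper with its constructed demo account, and the endpoint paths other than /Account/Login are assumptions.

```csharp
// Added example (not from the original article); ASP.NET Core minimal API assumed.
using System.Security.Claims;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Authentication.Cookies;

var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddCookie();
builder.Services.AddAuthorization(options =>
    options.AddPolicy("AdminOnly", p => p.RequireRole("Admin").RequireClaim("EmployeeId")));

var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();

app.MapPost("/Account/Login", async (HttpContext http, LoginForm form) =>
{
    var user = FindUser(form.UserName, form.Password);
    if (user is null) return Results.Unauthorized();

    var claims = new List<Claim>
    {
        new(ClaimTypes.Name, user.Name),     // surfaces as User.Identity.Name
        new(ClaimTypes.Role, user.Role),     // evaluated by RequireRole("Admin")
        new("EmployeeId", user.EmployeeId),  // evaluated by RequireClaim("EmployeeId")
    };
    // A non-empty authenticationType is what makes Identity.IsAuthenticated true.
    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
    var authProperties = new AuthenticationProperties { IsPersistent = false }; // session cookie
    await http.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity), authProperties);
    return Results.Ok();
});

app.MapPost("/Account/Logout", async (HttpContext http) =>
{
    await http.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
    return Results.Ok();
});

// The ClaimsPrincipal parameter is bound from HttpContext.User.
app.MapGet("/whoami", (ClaimsPrincipal user) =>
    user.Identity?.IsAuthenticated == true ? user.Identity.Name : "anonymous");
app.MapGet("/admin", () => "ok").RequireAuthorization("AdminOnly");

app.Run();

// Constructed demo account; a real app verifies a salted password hash from its user store.
static AppUser? FindUser(string name, string password) =>
    name == "alice" && password == "demo-only"
        ? new AppUser("alice", "Admin", "E-1001") : null;

record LoginForm(string UserName, string Password);
record AppUser(string Name, string Role, string EmployeeId);
```

A principal signed in without the Role or EmployeeId claim is still authenticated, so /whoami returns the name while /admin takes Path B (Forbid) rather than Path A.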


