Spring MVC How to perform validation

Question

I would like to know what is the cleanest and best way to perform form validation of user inputs  I have seen some developers implement org springframework validation Validator  A question about that  I saw it validates a class  Does the class have to be filled manually with the values from the user input  and then passed to the validator   I am confused about the cleanest and best way to validate the user input  I know about the traditional method of using request getParameter   and then manually checking for nulls  but I don t want to do all the validation in my Controller  Some good advice on this area will be greatly appreciated  I am not using Hibernate in this application

User · Answer

There are two ways to validate user input: annotations and by inheriting Spring's Validator class. For simple cases, the annotations are nice. If you need complex validations (like cross-field validation, eg. "verify email address" field), or if your model is validated in multiple places in your application with different rules, or if you don't have the ability to modify your model object by placing annotations on it, Spring's inheritance-based Validator is the way to go. I'll show examples of both.

The actual validation part is the same regardless of which type of validation you're using:

RequestMapping(value="fooPage", method = RequestMethod.POST)
public String processSubmit(@Valid @ModelAttribute("foo") Foo foo, BindingResult result, ModelMap m) {
    if(result.hasErrors()) {
        return "fooPage";
    }
    ...
    return "successPage";
}

If you are using annotations, your Foo class might look like:

public class Foo {

    @NotNull
    @Size(min = 1, max = 20)
    private String name;

    @NotNull
    @Min(1)
    @Max(110)
    private Integer age;

    // getters, setters
}

Annotations above are javax.validation.constraints annotations. You can also use Hibernate's org.hibernate.validator.constraints, but it doesn't look like you are using Hibernate.

Alternatively, if you implement Spring's Validator, you would create a class as follows:

public class FooValidator implements Validator {

    @Override
    public boolean supports(Class<?> clazz) {
        return Foo.class.equals(clazz);
    }

    @Override
    public void validate(Object target, Errors errors) {

        Foo foo = (Foo) target;

        if(foo.getName() == null) {
            errors.rejectValue("name", "name[emptyMessage]");
        }
        else if(foo.getName().length() < 1 || foo.getName().length() > 20){
            errors.rejectValue("name", "name[invalidLength]");
        }

        if(foo.getAge() == null) {
            errors.rejectValue("age", "age[emptyMessage]");
        }
        else if(foo.getAge() < 1 || foo.getAge() > 110){
            errors.rejectValue("age", "age[invalidAge]");
        }
    }
}

If using the above validator, you also have to bind the validator to the Spring controller (not necessary if using annotations):

@InitBinder("foo")
protected void initBinder(WebDataBinder binder) {
    binder.setValidator(new FooValidator());
}

Also see Spring docs.

Hope that helps.

User · Answer

Put this bean in your configuration class      Bean   public Validator localValidatorFactoryBean         return new LocalValidatorFactoryBean          and then You can use     lt T gt  BindingResult validate T t        DataBinder binder   new DataBinder t       binder setValidator validator       binder validate        return binder getBindingResult        for validating a bean manually  Then You will get all result in BindingResult and you can retrieve from there

User · Answer

With Spring MVC  there are 3 different ways to perform validation   using annotation  manually  or a mix of both  There is not a unique  cleanest and best way  to validate  but there is probably one that fits your project problem context better   Let s have a User    public class User        private String name                Method 1   If you have Spring 3 x  and simple validation to do  use javax validation constraints annotations  also known as JSR-303 annotations    public class User         NotNull     private String name                You will need a JSR-303 provider in your libraries  like Hibernate Validator who is the reference implementation  this library has nothing to do with databases and relational mapping  it just does validation  -    Then in your controller you would have something like     RequestMapping value   user   method RequestMethod POST  public createUser Model model   Valid  ModelAttribute  user   User user  BindingResult result       if  result hasErrors              do something           else            do something else           Notice the  Valid   if the user happens to have a null name  result hasErrors   will be true   Method 2   If you have complex validation  like big business validation logic  conditional validation across multiple fields  etc    or for some reason you cannot use method 1  use manual validation  It is a good practice to separate the controller   s code from the validation logic  Don t create your validation class es  from scratch  Spring provides a handy org springframework validation Validator interface  since Spring 2    So let s say you have  public class User        private String name       private Integer birthYear      private User responsibleUser               and you want to do some  complex  validation like   if the user s age is under 18  responsibleUser must not be null and responsibleUser s age must be over 21   You will do something like this  public class UserValidator implements Validator         Override     public boolean supports Class clazz          return User class equals clazz               Override     public void validate Object target  Errors errors          User user    User  target         if user getName      null              errors rejectValue  name    your error code                      do  complex  validation here             Then in your controller you would have     RequestMapping value   user   method RequestMethod POST      public createUser Model model   ModelAttribute  user   User user  BindingResult result           UserValidator userValidator   new UserValidator            userValidator validate user  result            if  result hasErrors                  do something                   else                do something else               If there are validation errors  result hasErrors   will be true   Note   You can also set the validator in a  InitBinder method of the controller  with  binder setValidator        in which case a mix use of method 1 and 2 would not be possible  because you replace the default validator   Or you could instantiate it in the default constructor of the controller  Or have a  Component  Service UserValidator that you inject   Autowired  in your controller   very useful  because most validators are singletons    unit test mocking becomes easier   your validator could call other Spring components   Method 3   Why not using a combination of both methods  Validate the simple stuff  like the  name  attribute  with annotations  it is quick to do  concise and more readable   Keep the heavy validations for validators  when it would take hours to code custom complex validation annotations  or just when it is not possible to use annotations   I did this on a former project  it worked like a charm  quick  amp  easy   Warning   you must not mistake validation handling for exception handling  Read this post to know when to use them   References     A very interesting blog post about bean validation  Original link is dead  Another good blog post about validation  Original link is dead  Latest Spring documentation about validation

User · Answer

I would like to extend nice answer of Jerome Dalbert  I found very easy to write your own annotation validators in JSR-303 way  You are not limited to have  one field  validation  You can create your own annotation on type level and have complex validation  see examples below   I prefer this way because I don t need mix different types of validation  Spring and JSR-303  like Jerome do  Also this validators are  Spring aware  so you can use  Inject  Autowire out of box   Example of custom object validation    Target   TYPE  ANNOTATION TYPE     Retention RUNTIME   Constraint validatedBy     YourCustomObjectValidator class    public  interface YourCustomObjectValid        String message   default   YourCustomObjectValid message         Class lt   gt    groups   default          Class lt   extends Payload gt    payload   default        public class YourCustomObjectValidator implements ConstraintValidator lt YourCustomObjectValid  YourCustomObject gt          Override     public void initialize YourCustomObjectValid constraintAnnotation            Override     public boolean isValid YourCustomObject value  ConstraintValidatorContext context                Validate your complex logic              Mark field with error         ConstraintViolationBuilder cvb   context buildConstraintViolationWithTemplate context getDefaultConstraintMessageTemplate             cvb addNode someField  addConstraintViolation             return true            YourCustomObjectValid public YourCustomObject       Example of generic fields equality   import static java lang annotation ElementType ANNOTATION TYPE  import static java lang annotation ElementType TYPE  import static java lang annotation RetentionPolicy RUNTIME   import java lang annotation Documented  import java lang annotation Retention  import java lang annotation Target   import javax validation Constraint  import javax validation Payload    Target   TYPE  ANNOTATION TYPE     Retention RUNTIME   Constraint validatedBy     FieldsEqualityValidator class    public  interface FieldsEquality        String message   default   FieldsEquality message         Class lt   gt    groups   default          Class lt   extends Payload gt    payload   default                     Name of the first field that will be compared                  return name             String firstFieldName                    Name of the second field that will be compared                  return name             String secondFieldName          Target   TYPE  ANNOTATION TYPE         Retention RUNTIME      public  interface List           FieldsEquality   value                import java lang reflect Field   import javax validation ConstraintValidator  import javax validation ConstraintValidatorContext   import org slf4j Logger  import org slf4j LoggerFactory  import org springframework util ReflectionUtils   public class FieldsEqualityValidator implements ConstraintValidator lt FieldsEquality  Object gt         private static final Logger log   LoggerFactory getLogger FieldsEqualityValidator class        private String firstFieldName      private String secondFieldName        Override     public void initialize FieldsEquality constraintAnnotation            firstFieldName   constraintAnnotation firstFieldName            secondFieldName   constraintAnnotation secondFieldName                Override     public boolean isValid Object value  ConstraintValidatorContext context            if  value    null              return true           try               Class lt   gt  clazz   value getClass                 Field firstField   ReflectionUtils findField clazz  firstFieldName               firstField setAccessible true               Object first   firstField get value                Field secondField   ReflectionUtils findField clazz  secondFieldName               secondField setAccessible true               Object second   secondField get value                if  first    null  amp  amp  second    null  amp  amp   first equals second                         ConstraintViolationBuilder cvb   context buildConstraintViolationWithTemplate context getDefaultConstraintMessageTemplate               cvb addNode firstFieldName  addConstraintViolation               ConstraintViolationBuilder cvb   context buildConstraintViolationWithTemplate context getDefaultConstraintMessageTemplate               cvb addNode someField  addConstraintViolation secondFieldName                    return false                          catch  Exception e                log error  Cannot validate fileds equality in      value         e               return false                     return true            FieldsEquality firstFieldName    password   secondFieldName    confirmPassword   public class NewUserForm        private String password       private String confirmPassword

User · Answer

Find complete example of Spring Mvc Validation  import org springframework validation Errors  import org springframework validation ValidationUtils  import org springframework validation Validator  import com technicalkeeda bean Login   public class LoginValidator implements Validator       public boolean supports Class aClass            return Login class equals aClass              public void validate Object obj  Errors errors            Login login    Login  obj          ValidationUtils rejectIfEmptyOrWhitespace errors   userName                    username required    Required field            ValidationUtils rejectIfEmptyOrWhitespace errors   userPassword                    userpassword required    Required field              public class LoginController extends SimpleFormController       private LoginService loginService       public LoginController             setCommandClass Login class           setCommandName  login               public void setLoginService LoginService loginService            this loginService   loginService              Override     protected ModelAndView onSubmit Object command  throws Exception           Login login    Login  command          loginService add login           return new ModelAndView  loginsucess    login   login

User · Answer

If you have same error handling logic for different method handlers  then you would end up with lots of handlers with following code pattern   if  validation hasErrors           do error handling   else        do the actual business logic     Suppose you re creating RESTful services and want to return 400 Bad Request along with error messages for every validation error case  Then  the error handling part would be same for every single REST endpoint that requires validation  Repeating that very same logic in every single handler is not so DRYish   One way to solve this problem is to drop the immediate BindingResult after each To-Be-Validated bean  Now  your handler would be like this    RequestMapping      public Something doStuff  Valid Somebean bean            do the actual business logic        Just the else part      This way  if the bound bean was not valid  a MethodArgumentNotValidException will be thrown by Spring  You can define a ControllerAdvice that handles this exception with that same error handling logic    ControllerAdvice public class ErrorHandlingControllerAdvice        ExceptionHandler MethodArgumentNotValidException class      public SomeErrorBean handleValidationError MethodArgumentNotValidException ex               do error handling            Just the if part            You still can examine the underlying BindingResult using getBindingResult method of MethodArgumentNotValidException

[java] Spring MVC: How to perform validation?

Examples related to java

Examples related to spring-mvc

Examples related to validation

Examples related to user-input