I wrote the following to verify passwords:
Compliance with restrictions:
package com.test.web.validation.user; import java.lang.annotation.Documented; import java.lang.annotation.ElementType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.lang.annotation.Target; import javax.validation.Constraint; import javax.validation.Payload; @Target({ ElementType.TYPE }) @Retention(RetentionPolicy.RUNTIME) @Documented @Constraint(validatedBy = PasswordsEqualConstraintValidator.class) public @interface PasswordsEqualConstraint { String message(); Class<?>[] groups() default {}; Class<? extends Payload>[] payload() default {}; } package com.test.web.validation.user; import javax.validation.ConstraintValidator; import javax.validation.ConstraintValidatorContext; import com.test.logic.dto.UserDto; public class PasswordsEqualConstraintValidator implements ConstraintValidator<PasswordsEqualConstraint, Object> { @Override public void initialize(PasswordsEqualConstraint arg0) { } @Override public boolean isValid(Object candidate, ConstraintValidatorContext arg1) { UserDto user = (UserDto) candidate; return user.getPassword().equals(user.getPasswordRepeat()); } }
My DTO object:
package com.test.logic.dto; import java.io.Serializable; import java.util.ArrayList; import java.util.Date; import java.util.List; import javax.validation.constraints.NotNull; import javax.validation.constraints.Size; import com.esldic.web.validation.user.EmailExistsConstraint; import com.esldic.web.validation.user.PasswordsEqualConstraint; @PasswordsEqualConstraint(message = "passwords are not equal") public final class UserDto extends AbstractDto implements Serializable { private static final long serialVersionUID = 1L; private Long id; @NotNull @Size(min = 3, max = 30) @EmailExistsConstraint(message = "email is not available") private String email; private String username; @NotNull @Size(min = 2, max = 30) private String password; @NotNull @Size(min = 2, max = 30) private String passwordRepeat; ... }
Finally my controller
package com.test.web.controllers; import java.util.Set; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.validation.ConstraintViolation; import javax.validation.Validator; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.servlet.ModelAndView; import com.test.logic.dto.UserDto; @Controller public final class SignupController { @Autowired private Validator validator; @RequestMapping(value = "/signup.html", method = RequestMethod.POST) public @ResponseBody ModelAndView handleSignupForm(@ModelAttribute UserDto candidate, HttpServletResponse response) throws ServiceException { Set<ConstraintViolation<UserDto>> failures = validator .validate(candidate); if (!failures.isEmpty()) { response.setStatus(HttpServletResponse.SC_BAD_REQUEST); return ValidationHelper.validationMessages(failures); } else { return userService.create(candidate); } }
In addition, on google you will find many samples with the JSR-303 bean check.
Cyril deba
source share