Announcement Announcement Module
No announcement yet.
Validation before bind? Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Validation before bind?


    Running into an issue that I'm sure others have run into (and hopefully cleanly solved).

    We are using Spring MVC and using Commons Validator (via Spring Modules) for centralized validation of form input.

    Problem we are running into is that the validation occurs after binding to the form backing object has already occurred. This works great for domain-object validation, but we really are more interested in user-input validation before binding.

    Example problems:
    • If someone types in wrong format for dates, the binder adds the usual "typeMismatch.blahDate" to the errors, sets this property on the command object to null, and then passes it along to the validator. The validator then sees null, and (if it's a required field) adds it's own "X field is required" error, resulting in 2 errors shown to the user...
    • When user types in the correct format, the binder binds date correctly, then Commons Validator does a toString() to validate the date against the date mask you have specified (i.e. "mm/dd/yyyy"), which will fail as toString() produces something like "Mon Apr 12, 2007 12:34 PST".

    It seems the issue here is that the primary goal of the Validator interface is mostly about validating the state of a domain/form-backing object, while the primary goal of Commons Validator is to validate String-based user input before any binding. Meshing these two technologies together is causing problems, and isn't that useful for solving our need to validate user input.

    I'm thinking the best approach would be to:
    • add a pre-bind validation hook into our base controllers, and use Commons Validator here to validate the form's parameter map (which are still Strings at this point).
    • if this validation fails, return immediately to the form page (via showForm) before binding and post-bind validation occurs.
    • otherwise, bind as usual and then validate using any other validators defined (excludes the pre-bind validator).

    Sound reasonable, or has any one else solved this already?

    BTW, I'm aware that you can use Javascript validation before the post, but we can't rely on JS and primarily need server-side validation.