-->
These old forums are deprecated now and set to read-only. We are waiting for you on our new forums!
More modern, Discourse-based and with GitHub/Google/Twitter authentication built-in.

All times are UTC - 5 hours [ DST ]



Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 
Author Message
 Post subject: password and passwordRepeat validation
PostPosted: Fri May 27, 2011 11:20 am 
Newbie

Joined: Tue Mar 11, 2008 4:49 am
Posts: 12
Hi

I want to have my password component validated:

Code:
public class PasswordView {
    private String password;
    private String passwordRepeat;
}

My requirements are:
if password is blank ( passwordRepeat does not matter) - return single error that password is blank
if password is less than 6 characters( passwordRepeat does not matter) - return single errror that password length is less than 6
if (password.length >=6 and !password.equals(passwordRepeat)) - return two errors that password and passwordRepeat do not match.

My initial implementation is:
create @PasswordFieldConstraint like:
Code:
@Documented
@Constraint(validatedBy = {})
@Target({ METHOD, FIELD, ANNOTATION_TYPE, CONSTRUCTOR, PARAMETER })
@Retention(RUNTIME)
@ReportAsSingleViolation
@NotBlank
@Size(min = 6, max = 25)
public @interface PasswordContraint {
    String message() default "{InvalidPassword.message}";

    Class<?>[] groups() default {};

    Class<? extends Payload>[] payload() default {};
}


and apply it on field:
Code:
public class PasswordView {
    @PasswordContraint
    private String password;
    private String passwordRepeat;
}


then create class level constraint:

Code:
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE, ElementType.ANNOTATION_TYPE, ElementType.PARAMETER})
@Constraint( validatedBy = { PasswordViewValidator.class } )
public @interface PasswordViewConstraint {
    String message() default "{PasswordNotMatch.message}";
    Class<?>[] groups() default {};
    Class<? extends Payload>[] payload() default {};
}




PasswordViewValidator:
Code:
PasswordViewValidator{
private String messageTemplate;
    @Override
    public void initialize(PasswordViewConstraint constraintAnnotation) {
        messageTemplate = constraintAnnotation.message();       
    }

    @Override
    public boolean isValid(PasswordView value,
            ConstraintValidatorContext context) {
        boolean result = isValid(value);
        if(!result){
            setConstraintViolations(context);
        }
        return result;
    }
   
    private void setConstraintViolations(ConstraintValidatorContext context) {
        context.disableDefaultConstraintViolation();
        context.buildConstraintViolationWithTemplate(messageTemplate)
                .addNode("password").addConstraintViolation();
        context.buildConstraintViolationWithTemplate(messageTemplate).addNode("passwordRepeat")
                .addConstraintViolation();
    }

    private boolean isValid(PasswordView value) {
        if(value == null){
            return true;
        }     
        return password.equals(value.getPasswordRepeat());
    }
}

the problem i faced is that PasswordViewValidator is executed before @PasswordContraint constraints (@Size and @NotBlank). It means that
i got 2 errors when PasswordView = {password ='a' and passwordRepeat = 'b'} - the first error from @PasswordViewConstraint and the sec from @PasswordContraint.
I can force PasswordViewValidator to return true when password is null/blank or password length is less than 6 but i would like to avoid this kind of checking, since it seems like a tight coupling between @PasswordConstraint internals (attribute value of composing annotation @Size) and PasswordViewValidator implementation.
I can workaround by using GroupSequence to specy order between @PasswordConstraint and @PasswordViewConstraint but maybe someone has a better idea.

Thanks in advance.


Top
 Profile  
 
 Post subject: Re: password and passwordRepeat validation
PostPosted: Tue May 31, 2011 6:30 am 
Hibernate Team
Hibernate Team

Joined: Thu Apr 05, 2007 5:52 am
Posts: 1689
Location: Sweden
Hi,

I think all you option are valid. Unless you are using group sequences the execution order is not specified.
Personally I might even put all logic into PasswordViewConstraint. This constraint is already very specific to PasswordView, so I think that is ok. Of course you are missing out then on the composing constraint PasswordContraint.
Working w/ groups is probably the best solution in the sense of the spec, but imo seems cumbersome.
Last but not least, you could use the Hibernate Validator specific @ScriptAssert. Really you are on the right track, the question is what you think is best.

--Hardy


Top
 Profile  
 
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 2 posts ] 

All times are UTC - 5 hours [ DST ]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
© Copyright 2014, Red Hat Inc. All rights reserved. JBoss and Hibernate are registered trademarks and servicemarks of Red Hat, Inc.