let's assume we have a signup form. When some input of the form is changed, I want to validate its value on the fly by using the ajax call to the server. Is there a chance to validate only some particular property of the bean by using the JSR 303 validation?
The signup form handler validates the received bean just fine, but I want to find out the way to check the property before submit the whole bean.
The straight forward approach is just to create a server-side method to receive the property name and value and based on the name check the value, but I hope there is a way to use already defined constraints for the bean.
For example, the user entered the email address and moved forward to the next property. The client makes a call and the server method checks if the provided email is already exist. If so, it returns an error and I do show it up on the client side. I believe it may make the signup process more flexible and user friendly
Any comments are really appreciated.
The jsr-303 Validator does have a method right on it to validate just one property:
<T> java.util.Set<ConstraintViolation<T>> validateProperty(T object,
java.lang.String propertyName,
java.lang.Class<?>... groups)
You just need to inject the validator so that you can use it directly, rather than relying on Spring to call it automatically via putting #Valid on a method parameter.
Related
The method is secured with #PreAuthorize annotation
#PreAuthorize("#creatorId == principal.id or #userServiceImp.isSubscribedToProject(principal.id, #projectId)")
I don't want to just copy restrictions from annotation in Thymeleaf every time.
I want it to look similar to sec:authorize-url=(MethodName, Url) - but it does not evaluate against annotations.
Mayby create a bean with similar method signature and call it in Thymealeaf. In the method could be used MethodInvocationPrivilegeEvaluator but I don't know how get an instance of MethodInvocation
Here a solution is described to handle redirects to a custom URL based on a condition via use of AccessStrategy.
This however is part of the unauthorized login logical flow therefore results into a still not-logged in user arriving at the end url we redirect to. (via getUnauthorizedUrl)
If we want to redirect the user based on a condition, say via injecting an action to the webflow, how can we manipulate the return URL to be changed into a custom one?
WebUtils.getService(requestContext) include getters of the source/originalUrl but no obvious way to set/manipulate said value through an action bean.
p.s. Currently using CAS version 5.3.x
Responses for normal web applications from CAS are built using WebApplicationServiceResponseBuilder.
If you examine this block you will find that the final response is built using WebApplicationServiceResponseBuilder bean. It is only created conditionally, if an existing bean is not already found in the context by the same name. So to provide your own, you just need to register a bean with the same name using your own #Configuration class.
#Bean
public ResponseBuilder<WebApplicationService> webApplicationServiceResponseBuilder() {
return new MyOwnWebApplicationServiceResponseBuilder(...);
}
...and then proceed to design your own MyOwnWebApplicationServiceResponseBuilder, perhaps even by extending WebApplicationServiceResponseBuilder and overriding what you need where necessary to build the final redirect logic conditionally.
To learn about how #Configuration classes work in general, you can:
Review this post
or this post
or consult the documentation for Spring and/or Spring Boot.
I am calling a web service to validate an email address. In case of an invalid email address this service returns messages and I need to display them in a JSP. I am using Jersey with Struts2 and I have a form which submits to an action which takes care of this logic at the back end. I am not using a servlet to get the messages from the HttpServletRequest object.
I get a list of messages and I need to display the error message text on the screen but I am not sure how to do it. On click I get the form id which goes to the back end using struts2 action.
Thanks...
I'd strongly recommend using the Struts2 validation interceptor. The documentation is very straight forward and it's very robust.
https://struts.apache.org/docs/basic-validation.html
https://struts.apache.org/docs/email-validator.html
You simply need to call the interceptor stack in your action in struts.xml, then specify what validations you want. You can then display your error on the JSP should the validation fail.
You can either use the default validators provided by the XML validation or set your own by creating a validate method in the action class that is called by the stack, or both.
http://www.simplecodestuffs.com/struts-2-fielderror-example/
Here is an example for you to work with.
I have different mappings that start with \mobile or contain \mobile. Is there a way to catch all these mappings?
My Mappings are:
\mobile\login.mvc
\mobile\profile\details.mvc
\secure\mobile\profile\edit.mvc
Now I want that for all "\mobile" mappings one function oder mapping is called, and then the call mapping.
Background: I want to check with every call, whether the user is logged in and sign him if necessary. But I would not query at every mapping the parameters username and password but all in one place.
If you want to authenticate user in every controller then Spring AOP will be a good choice.
You can write a single authentication method and invoke it before controller using AOP.
This might help http://tedone.typepad.com/blog/2011/05/using-aop-easily-with-aspectj-and-spring.html
I would like to create a custom annotation to decorate methods which would restrict access to method calls.
My annotation is defined below:
#Inherited
#Documented
#Retention(RetentionPolicy.RUNTIME)
public #interface Restrict {
public enum RoleType {All, ROLE_A, ROLE_B, ROLE_C, ROLE_D}
String roleLevel();
RoleType roleType();
}
Then using the annotation like the following. The annotation receives two parameters, one being the required minimum roleType, the other the required minimum role level.
#Restrict(roleType = RoleType.ALL, roleLevel="user")
String deleteSomething() {
// delete intended whatever
return success;
}
My intent is, when any call to a Managed Bean method that is decorated with this annotation, as in the method described above "deleteSomething()", occurs, this call would be intercepted and the parameters set on the method compared to the logged in users appropriate session values. If the logged in users session role values are high enough, the Managed Bean's method will be allowed to be invoked, otherwise the user is either redirected or an appropriate message is displayed.
My question is this, is there a way I can "hook" into what methods are bing called to then, through reflection, see if there is a #Restrict annotation on the method and then process said annotation. I've tried doing this in a PhaseListener class, but I'm not sure how to find out what Managed Bean is being called to perform refection on. I've read about a custome ElResolver, but I'm not sure if this is anything that will help me. I've also tried to find a way to simply create a listener that somehow knows when a method that is annotated with #Restrict has been invoked.
Environment Specifics:
Tomcat 6.0.35 (considering upgrading to Tomcat 7.0.27)
JSF version 2.1.7
RichFaces 4.1.0
I'm just looking for some guidance and some options available to me. Thank you to anyone who can help me with this!
You can achieve this by implementing a custom ActionListener which is been registered as a global <action-listener> in the faces-config.xml.
By coincidence, someone else asked and answered the same question this week: Custom Annotation JSF. Note that JAAS is not required for the particular purpose, just grab the User from the session by FacesContext the usual way.