简介:web应用开发中,一般我们会对form表单做两次验证,一次是前端验证,但是前端验证还是不那么安全,那么我们就需要在后端进行验证,jsr303提供了bean validation的标准,hibernate提供了相应的实现,本文讲解了bean validation在spring mvc中的应用,这里也有spring 官方的example:http://spring.io/guides/gs/validating-form-input/
应用一个注册的例子:
1. 首先定义我们后端的bean
import javax.validation.constraints.Max;
import javax.validation.constraints.NotNull;
public class Person {
@NotNull
// @MyConstraint
private String name;
@Max(20)
private Integer age;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Integer getAge() {
return age;
}
public void setAge(Integer age) {
this.age = age;
}
}
2. 定义controller:
@Controller
public class MyController {
// @InitBinder
// protected void initBinder(WebDataBinder binder) {
// binder.setValidator(new PersonValidator());
// }
@RequestMapping(value="/register", method=RequestMethod.GET)
public String showForm(Person person) {
return "register";
}
@RequestMapping(value="/register",method=RequestMethod.POST)
public String submit(@Valid Person person,BindingResult bindingResult)
{
if (bindingResult.hasErrors()) {
return "register";
}
return "redirect:/";
}
}
3. jsp页面
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<c:set var="ctx" value="${pageContext.request.contextPath}"/>
<html>
<head></head>
<body>
<span> this is this the register.jsp</span>
<html>
<body>
<form:form commandName="person">
<table>
<tr>
<td>name:</td>
<td><form:input path="name" /></td>
<td><form:errors path="name" /></td>
</tr>
<tr>
<td>age:</td>
<td><form:input path="age" /></td>
<td><form:errors path="age" /></td>
</tr>
<tr>
<td colspan="3">
<input type="submit" value="Save Changes" />
</td>
</tr>
</table>
</form:form>
</body>
</html>
</body>
</html>
应用过程中首先得请求/register下的页面也即调用controller中的showForm方法,这里的showForm方法中参数必须是Person类,作用相当于将jsp form表单和person的属性关联起来(采用了spring的form标签),jsp页面经渲染之后form标签的action属性自动会设置为请求页面时的url,method为post,这样form表单提交的时候就会映射到submit方法,当spring mvc扫描到@Valid注解的时候就会去对person进行验证,验证的结果会绑定在参数bindingResult中,所以这里你得加上@Valid注解,给一个bindingResult参数,然后对验证的结果进行判断,如果验证不通过就返回到提交的页面对应的错误信息也会绑定上去
springmvc.xml配置如下:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!--启动对bean的验证-->
<mvc:annotation-driven/>
<!-- <bean id="messageSource" class="org.springframework.context.support.ResourceBundleMessageSource" p:basename="message" />-->
<context:component-scan base-package="com.yx.springmvc.springmvc"/>
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver" p:prefix="/WEB-INF/jsp/" p:suffix=".jsp"/>
</beans>
自定义错误信息
验证不通过的时候,bean validation会将该注解(如@Max)下的message当做key,去classpath下的ValidationMessages.properties下找对应的value,如果没有找到则会去找bean validation自身定义的value,如果bean validation自身定义的也没有就会将key设置成验证不通过的message,需要注意的是message key的设置方式要加{},例如:@Max(value=20,message="{too old key}"),然后在ValidationMessages.properties下配置一个too old key=too old value,则当验证不同时就会显示too old value