1
1
.
.
1
1
V
V
a
a
l
l
i
i
d
d
a
a
t
t
i
i
o
o
n
n
I
I
n
n
f
f
o
o
Following tutorials show how to validate User Input by validating either
● individual HTTP Request Parameters (@RequestParam @NotBlank String name)
● DTO during Deserialization from
○ Request Parameters (@NotBlank public String name;)
○ JSON Body (@NotBlank public String name;)
In both cases the same Annotations can be assigned either to
● Endpoint's Input Parameter (@RequestParam @NotBlank String name)
● DTO Property (@NotBlank public String name;)
● additional Endpoint is used to catch validation Exceptions (and return errors to the User)
Controller's @ExceptionHandler Methods only catch Exceptions thrown inside the same Controller.
Use @ControllerAdvice class as a central place to catch Exceptions from all Controllers.
Annotations
ANNOTATION
PARAMETERS
@NotBlank
( message = "String Name is mandatory")
@NotNull
( message = "Integer Age is mandatory")
@Min(18)
(value = 18, message = "Minimum value for Age is 18")
@Max(100)
(value = 100, message = "Maximum value for Age is 100")
@Size(min=5, max=30)
(min=5, max=30, message = "String must be between 5 and 30 characters")
Exceptions
VALIDATION TYPE
EXCEPTION
REFERENCE
(@RequestParam @NotBlank String name)
MissingServletRequestParameterException
Request Parameters
(@Valid PersonDTO personDTO)
BindException
DTO - Parameters
(@Valid @RequestBody PersonDTO personDTO)
MethodArgumentNotValidException
DTO - JSON
V
V
a
a
l
l
i
i
d
d
a
a
t
t
e
e
&
&
T
T
h
h
r
r
o
o
w
w
E
E
x
x
c
c
e
e
p
p
t
t
i
i
o
o
n
n
s
s
V
V
a
a
l
l
i
i
d
d
a
a
t
t
e
e
R
R
e
e
q
q
u
u
e
e
s
s
t
t
P
P
a
a
r
r
a
a
m
m
e
e
t
t
e
e
r
r
s
s
MyController.java
@Validated
@Controller
public class MyController {
@ResponseBody
@RequestMapping("/Hello")
public String hello(@RequestParam @NotBlank String name ) {
return "Hello " + name;
}
V
V
a
a
l
l
i
i
d
d
a
a
t
t
e
e
D
D
T
T
O
O
(
(
D
D
u
u
r
r
i
i
n
n
g
g
D
D
e
e
s
s
e
e
r
r
i
i
a
a
l
l
i
i
z
z
a
a
t
t
i
i
o
o
n
n
f
f
r
r
o
o
m
m
R
R
e
e
q
q
u
u
e
e
s
s
t
t
P
P
a
a
r
r
a
a
m
m
e
e
t
t
e
e
r
r
s
s
)
)
MyController.java
@Controller
public class MyController {
@ResponseBody
@RequestMapping("/Hello")
public String hello(@Valid PersonDTO personDTO) {
return "Hello " + personDTO.name;
}
PersonDTO.java
public class PersonDTO {
//PROPERTIES
@NotBlank public String name;
//SETTERS (Only needed for Deserialization from Request Parameters. JSON uses Reflection instead.)
public void setName(String name) { this.name = name; }
}
V
V
a
a
l
l
i
i
d
d
a
a
t
t
e
e
D
D
T
T
O
O
(
(
D
D
u
u
r
r
i
i
n
n
g
g
D
D
e
e
s
s
e
e
r
r
i
i
a
a
l
l
i
i
z
z
a
a
t
t
i
i
o
o
n
n
f
f
r
r
o
o
m
m
J
J
S
S
O
O
N
N
)
)
MyController.java
@Controller
public class MyController {
@ResponseBody
@RequestMapping("/AddPerson")
public String addPerson(@Valid @RequestBody PersonDTO personDTO) {
return "Person added";
}
PersonDTO.java
public class PersonDTO {
//PROPERTIES
@NotBlank public String name;
}
C
C
a
a
t
t
c
c
h
h
E
E
x
x
c
c
e
e
p
p
t
t
i
i
o
o
n
n
s
s
Controller's @ExceptionHandler Method only catches Exceptions thrown inside the same Controller.
Use @ControllerAdvice class as a central place to catch Exceptions from all Controllers.
Exception Methods (differ base on the type of Exception)
VALIDATION TYPE
EXCEPTION
REFERENCE
(@RequestParam @NotBlank String name)
MissingServletRequestParameterException
Request Parameters
(@Valid PersonDTO personDTO)
BindException
DTO - Parameters
(@Valid @RequestBody PersonDTO personDTO)
MethodArgumentNotValidException
DTO - JSON
MyController.java (example for Request Parameters)
@Controller
public class MyController {
@ResponseBody
@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MissingServletRequestParameterException.class)
public String handleExceptions(MissingServletRequestParameterException exception) {
//GET EXCEPTION DETAILS
String parameterType = exception.getParameterType(); //String
String parameterName = exception.getParameterName(); //name
String message = exception.getMessage(); //Required String parameter 'name' is not present
//RETURN MESSAGE
return message;
}
MyController.java
@ControllerAdvice
public class GlobalExceptionHandler {
@ResponseBody
@ResponseStatus(HttpStatus.BAD_REQUEST)
@ExceptionHandler(MissingServletRequestParameterException.class)
public String handleIdentifiersNotMatchingException(MissingServletRequestParameterException exception) {
//GET EXCEPTION DETAILS
String parameterType = exception.getParameterType(); //String
String parameterName = exception.getParameterName(); //name
String message = exception.getMessage(); //Required String parameter 'name' is not present
//RETURN MESSAGE
return message;
}
}
