Hello,
I m looking about using bean validation into spring mvc application.
It looks good for input validation (whitelist approach).
However it relays on annotations on each objects attributes to trigger
input validation.
If a user does not add annotation, input will not be validated even with
default validation rule...
Does any one knows if default input validation can be trigger with bean
validation ... For enforcement purpose?
You should be able to set a customer validator to be used globally through the XML configs:
Once you have the custom validator setup properly you can enable it globally within the XML config:
<mvc:annotation-driven validator="[Your Validator Here]"/>Was that what you were looking for?
D
--- On Thu, 8/30/12, Lebeau Frederic frederic.lebeau@websurf.be wrote:
From: Lebeau Frederic frederic.lebeau@websurf.be
Subject: [WEB SECURITY] Bean validation
To: websecurity@webappsec.org
Date: Thursday, August 30, 2012, 12:51 PM
Hello, I m looking about using bean validation into spring mvc application.It looks good for input validation (whitelist approach).However it relays on annotations on each objects attributes to trigger input validation.
If a user does not add annotation, input will not be validated even with default validation rule...
Does any one knows if default input validation can be trigger with bean validation ... For enforcement purpose?
-----Inline Attachment Follows-----
The Web Security Mailing List
WebSecurity RSS Feed
http://www.webappsec.org/rss/websecurity.rss
Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
WASC on Twitter
http://twitter.com/wascupdates
websecurity@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org