SpringMVC：校验

校验

校验理解 

项目中，通常使用较多是前端的校验，比如页面中js校验。对于安全要求较高点建议在服务端进行校验。服务端校验：

控制层conroller：校验页面请求的参数的合法性。在服务端控制层conroller校验，不区分客户端类型（浏览器、手机客户端、远程调用）。

业务层service（使用较多）：主要校验关键业务参数，仅限于service接口中使用的参数。

持久层dao：一般是不校验的。

常用校检注解

环境准备

 

1、校验框架所需要jar包：

2、web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         id="WebApp_ID" version="2.5">
    <display-name>springmvc</display-name>

    <!-- springmvc前端控制器 -->
    <servlet>
        <servlet-name>springmvc</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <init-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>classpath:springmvc.xml</param-value>
        </init-param>
    </servlet>

    <servlet-mapping>
        <servlet-name>springmvc</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <!-- post乱码过虑器 -->
    <filter>
        <filter-name>CharacterEncodingFilter</filter-name>
        <filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>utf-8</param-value>
        </init-param>
    </filter>
    <filter-mapping>
        <filter-name>CharacterEncodingFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

3、springmvc.xml

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mvc="http://www.springframework.org/schema/mvc"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:aop="http://www.springframework.org/schema/aop" xmlns:tx="http://www.springframework.org/schema/tx"
       xsi:schemaLocation="http://www.springframework.org/schema/beans
      http://www.springframework.org/schema/beans/spring-beans-3.2.xsd 
      http://www.springframework.org/schema/mvc 
      http://www.springframework.org/schema/mvc/spring-mvc-3.2.xsd 
      http://www.springframework.org/schema/context 
      http://www.springframework.org/schema/context/spring-context-3.2.xsd 
      http://www.springframework.org/schema/aop 
      http://www.springframework.org/schema/aop/spring-aop-3.2.xsd 
      http://www.springframework.org/schema/tx 
      http://www.springframework.org/schema/tx/spring-tx-3.2.xsd ">

    <!--开启spring注解-->
    <context:annotation-config/>
    <!--在包中查找注解的类-->
    <context:component-scan base-package="org.haiwen"/>
    <!--开启springmvc注解-->
    <mvc:annotation-driven/>
    <!--配置视图解析器-->
    <bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
        <property name="prefix" value="/WEB-INF/page/"/>
        <property name="suffix" value=".jsp"/>
    </bean>
</beans>

4、创建实体类：User.java，在 User 类要校验的属性前添加必要的 Hibernate Validator 注解对前台提交的数据进行验证，代码如下：

import org.hibernate.validator.constraints.Email;
import org.hibernate.validator.constraints.Length;
import org.hibernate.validator.constraints.NotBlank;
import org.hibernate.validator.constraints.Range;

public class User {
    @NotBlank(message = "Username can not be empty")
    private String username;
    @Length(min = 6, max = 16, message = "The length of the password must be between 6 and 16 bits")
    private String password;
    @Range(min = 18, max = 60, message = "Age must be between 18 and 60 years old")
    private Integer age;
    @Email(message = "Please enter a valid email address")
    private String email;

    public User() {
    }

    public User(String username, String password, Integer age, String email) {
        this.username = username;
        this.password = password;
        this.age = age;
        this.email = email;
    }

    public String getUsername() { return username; }
    public void setUsername(String username) { this.username = username; }

    public String getPassword() { return password; }
    public void setPassword(String password) { this.password = password; }

    public Integer getAge() { return age; }
    public void setAge(Integer age) { this.age = age; }

    public String getEmail() { return email; }
    public void setEmail(String email) { this.email = email; }
}

5、UserController.java

@Valid @ModelAttribute("user") User user 的 @Valid 意思是在把数据绑定到 @ModelAttribute("user") 后就进行验证。后面跟着 Errors 对象保存校验信息，如果 errors 中有错误信息，则返回 register 页面，验证成功则跳转到 success 页面。

import org.haiwen.entity.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.validation.Valid;

@Controller
public class UserController {

    // 进入注册页面
    @RequestMapping(value = "/register_form")
    public String register_form(Model model) {
        model.addAttribute("user", new User());
        return "register";
    }

    // 注册请求的响应方法
    @RequestMapping(value = "/register")
    public String register(@Valid @ModelAttribute("user") User user, Errors errors, Model model) {
        if(errors.hasErrors()){
            return "/register";
        }else {
            model.addAttribute("user", user);
            return "success";
        }
    }
}

6、register.jsp，添加 <form:errors> 标签显示属性的错误信息。

<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>Register</title>
</head>

<body>
<div id="global">
    <form:form modelAttribute="user" method="post" action="register">
        <fieldset>
            <legend>register</legend>
            <p>
                <label>name:</label>
                <form:input path="username"/>
                <form:errors path="username" cssStyle="color:red"/>
            </p>
            <p>
                <label>password:</label>
                <form:password path="password"/>
                <form:errors path="password" cssStyle="color:red"/>
            </p>
            <p>
                <label>age:</label>
                <form:input path="age"/>
                <form:errors path="age" cssStyle="color:red"/>
            </p>
            <p>
                <label>email:</label>
                <form:input path="email"/>
                <form:errors path="email" cssStyle="color:red"/>
            </p>
            <p id="buttons">
                <input id="submit" type="submit" value="register">
                <input id="reset" type="reset" value="reset">
            </p>
        </fieldset>
    </form:form>
</div>
</body>
</html>

7、success.jsp

<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
    <title>success</title>
</head>
<body>
<h5>Registration success, personal information：</h5>
    name：${user.username}<br/>
    password：${user.password}<br/>
    age：${user.age}<br/>
    email：${user.email}<br/>
</body>
</html>

测试

注册成功