-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All,
Hello, we've been using commons-validator 1.3.1 along with Struts 1.3.8 to do form validation to great success for quite some time (thanks!). I was recently asked to change our password complexity requirements and I realized that we had the same "mask" in several different validator files (we have validator_role1.xml, validator_role2.xml, etc. along with a global-validator.xml file that contains a custom global validator for things other than pattern matching). After a bit of searching, and reading the validator DTD, I saw that one can define <constant> elements within the <global> element and then use those constants later in the validators. Here are the relevant configuration files I have: global-validator.xml - -------------------- "-//Apache Software Foundation//DTD Commons Validator Rules Configuration 1.3.0//EN" "http://jakarta.apache.org/commons/dtds/validator_1_3_0.dtd"> <form-validation> <global> <validator ... /> <!-- Define constants for the password rules to be used all over --> <constant> <!-- Requires a letter (\p{L} is "any unicode letter"), requires a number --> <constant-name>password-regexp</constant-name> <constant-value>^.*(([0-9]+.*\p{L}+)|(\p{L}+.*[0-9]+)).*$</constant-value> </constant> <constant> <constant-name>password-minlength</constant-name> <constant-value>8</constant-value> </constant> <constant> <constant-name>password-maxlength</constant-name> <constant-value>4096</constant-value> </constant> </global> </form-validation> validate_user.xml - ------------------ <?xml version="1.0" ?> <!DOCTYPE form-validation PUBLIC "-//Apache Software Foundation//DTD Commons Validator Rules Configuration 1.3.0//EN" "http://jakarta.apache.org/commons/dtds/validator_1_3_0.dtd"> <form-validation> <formset> <form name="profileForm"> <field property="newPassword" depends="minlength,maxlength,mask"> <arg position="0" key="form.profile.newPassword.prompt" bundle="User" /> <arg position="1" name="minlength" key="${var:minlength}" resource="false" /> <arg position="2" name="maxlength" key="${var:maxlength}" resource="false" /> <msg name="mask" bundle="User" key="error.invalid.password" /><!-- Specific error message for this one --> <var><var-name>minlength</var-name><var-value>${password-minlength}</var-value></var> <var><var-name>maxlength</var-name><var-value>${password-maxlength}</var-value></var> <var> <var-name>mask</var-name> <var-value>${password-regexp}</var-value> </var> </field> </form> </formset> </form-validation> I don't see any errors during startup, and I also don't see any at runtime (but I did while configuring them in the first place, with typos and stuff like that showing up in the error logs, so I know that I can see errors when they /do/ occur). I can see the following messages in my stdout log during startup: 2010-02-10 18:07:02,899 [main] INFO org.apache.struts.validator.ValidatorPlugIn- Loading validation rules file from '/WEB-INF/global-validator.xml' 2010-02-10 18:07:02,899 [main] INFO org.apache.struts.validator.ValidatorPlugIn- Loading validation rules file from '/WEB-INF/validate_user.xml' No errors are displayed afterward, so I assume that everything is copacetic. Unfortunately for me, when attempting to validate my form using this new setup, the validation fails and I am presented with the error message associated with "error.invalid.password", indicating that the "mask" validation has failed. I have verified that, if I fail to enter the requisite number of characters, I'll get a message that says "The field password cannot be less than 8 characters", which comes from a parameterized message so I know the "8" is being correctly substituted, here. Finally, I have checked that my regular expression shown above matches a variety of inputs that I expect to work (including, say, "Password1", and "ππππ1ππππ") by writing a simple program that checks against that expression (the only difference being that each backslash has been doubled in the source code to that class). It looks like I have everything right, here, and yet it's not working for me. Can anyone shed any light on what the problem might be? I'm not even sure how I can debug this, since I don't know how to dump-out the regexp that the validator is eventually using. Any help would be greatly appreciated. Thanks, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAktzQOQACgkQ9CaO5/Lv0PB4wACgsy1tN3zW0AX/qQ++w46mXeQP GvMAoLOJJthTVkVtKGk6ijVeqk92LfJU =1y0w -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@commons.apache.org For additional commands, e-mail: user-h...@commons.apache.org