-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All,
Hello, we've been using commons-validator 1.3.1 along with Struts 1.3.8
to do form validation to great success for quite some time (thanks!).
I was recently asked to change our password complexity requirements and
I realized that we had the same "mask" in several different validator
files (we have validator_role1.xml, validator_role2.xml, etc. along with
a global-validator.xml file that contains a custom global validator for
things other than pattern matching).
After a bit of searching, and reading the validator DTD, I saw that one
can define <constant> elements within the <global> element and then use
those constants later in the validators.
Here are the relevant configuration files I have:
global-validator.xml
- --------------------
"-//Apache Software Foundation//DTD Commons Validator Rules
Configuration 1.3.0//EN"
"http://jakarta.apache.org/commons/dtds/validator_1_3_0.dtd";>
<form-validation>
<global>
<validator ... />
<!-- Define constants for the password rules to be used all over -->
<constant>
<!-- Requires a letter (\p{L} is "any unicode letter"),
requires a number -->
<constant-name>password-regexp</constant-name>
<constant-value>^.*(([0-9]+.*\p{L}+)|(\p{L}+.*[0-9]+)).*$</constant-value>
</constant>
<constant>
<constant-name>password-minlength</constant-name>
<constant-value>8</constant-value>
</constant>
<constant>
<constant-name>password-maxlength</constant-name>
<constant-value>4096</constant-value>
</constant>
</global>
</form-validation>
validate_user.xml
- ------------------
<?xml version="1.0" ?>
<!DOCTYPE form-validation PUBLIC
"-//Apache Software Foundation//DTD Commons Validator Rules
Configuration 1.3.0//EN"
"http://jakarta.apache.org/commons/dtds/validator_1_3_0.dtd";>
<form-validation>
<formset>
<form name="profileForm">
<field property="newPassword"
depends="minlength,maxlength,mask">
<arg position="0" key="form.profile.newPassword.prompt"
bundle="User" />
<arg position="1" name="minlength" key="${var:minlength}"
resource="false" />
<arg position="2" name="maxlength" key="${var:maxlength}"
resource="false" />
<msg name="mask" bundle="User" key="error.invalid.password"
/><!-- Specific error message for this one -->
<var><var-name>minlength</var-name><var-value>${password-minlength}</var-value></var>
<var><var-name>maxlength</var-name><var-value>${password-maxlength}</var-value></var>
<var>
<var-name>mask</var-name>
<var-value>${password-regexp}</var-value>
</var>
</field>
</form>
</formset>
</form-validation>
I don't see any errors during startup, and I also don't see any at
runtime (but I did while configuring them in the first place, with typos
and stuff like that showing up in the error logs, so I know that I can
see errors when they /do/ occur). I can see the following messages in my
stdout log during startup:
2010-02-10 18:07:02,899 [main] INFO
org.apache.struts.validator.ValidatorPlugIn- Loading validation rules
file from '/WEB-INF/global-validator.xml'
2010-02-10 18:07:02,899 [main] INFO
org.apache.struts.validator.ValidatorPlugIn- Loading validation rules
file from '/WEB-INF/validate_user.xml'
No errors are displayed afterward, so I assume that everything is copacetic.
Unfortunately for me, when attempting to validate my form using this new
setup, the validation fails and I am presented with the error message
associated with "error.invalid.password", indicating that the "mask"
validation has failed.
I have verified that, if I fail to enter the requisite number of
characters, I'll get a message that says "The field password cannot be
less than 8 characters", which comes from a parameterized message so I
know the "8" is being correctly substituted, here.
Finally, I have checked that my regular expression shown above matches a
variety of inputs that I expect to work (including, say, "Password1",
and "ππππ1ππππ") by writing a simple program that checks against that
expression (the only difference being that each backslash has been
doubled in the source code to that class).
It looks like I have everything right, here, and yet it's not working
for me. Can anyone shed any light on what the problem might be? I'm not
even sure how I can debug this, since I don't know how to dump-out the
regexp that the validator is eventually using.
Any help would be greatly appreciated.
Thanks,
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAktzQOQACgkQ9CaO5/Lv0PB4wACgsy1tN3zW0AX/qQ++w46mXeQP
GvMAoLOJJthTVkVtKGk6ijVeqk92LfJU
=1y0w
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
