Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

In which layer should validation be performed?

Tags:

java

validation

model-view-controller

web-services

I am writing a webservice.

Typically the input will be an XML document and the output XML or JSON.

The application uses the MVC patter, having different layers

  • Controllers: Receive XML and provide response (XML/JSON)
  • Service: Business logic, transactions
  • DAO: Query the datasource (a Database or maybe another webservice)

My understanding is that basic validation (ie: XML against XSD) should be done as soon as possible on the Controller layer.

After that, I still need to perform extra validation, some of such validations are basic, for example

  • Date format must be correct
  • User name cannot exceed X characters (maybe also to be performed on the XSD?)

As far as I understand, such basic validations should been done when unmarshalling the XML into a Java object. That would also happend in the controller layer (although the validation itself would be done by the Java object where the XML is unmarshalled into)

And finally I face the more "complex" validations examples

  • The date should not be prior to 1950 (just a random example)
  • If value A is bigger than B, then value C should not exceed D

Such "complex" valiations seems to be a perfect candidate for the javax.validation.Validator interface. And also feels like they should be done in the Controller layer.

The questions are

  1. Is this approach correct? Should I also validate something at other layers?
  2. Am I adding too much logic into controllers? Should I maybe move some validation to the Service layer where the business logic is?
like image 585
Juan Antonio Gomez Moriano Avatar asked May 06 '13 07:05

Juan Antonio Gomez Moriano

People also ask

Where should validation take place?

Data validation should occur in two locations: The point where data is acted upon, for example validating input parameters to an SQL query. General validation at the point where data is submitted, for example in a web application some validation should occur on the client.

What is data validation layer?

Data layer validation is the process whereby you can verify that: Your data layer object is always present. The variables within the object are present. The variable values are in the correct format.

Which layer is responsible for validation before writing on the database?

A service layer is a layer in an application that facilitates communication between the controller and the persistence layer. Additionally, business logic is stored in the service layer. It includes validation logic in particular.

Which logic layer contains the code to perform the validation operation?

The service layer contains business logic. In particular, it contains validation logic.

1 Answers

Is this approach correct? Should I also validate something at other layers?

Yes, partially. It's seems correct to validate input data for correctness like date format, length etc. There is no need to push them to inner layers. They needs to be validated upfront.

There might be some validations according to the business rules, which needs to be done at service layer, like if the username/email already registered while adding user to the system, which will be done in service layer.

Am I adding too much logic into controllers? Should I maybe move some validation to the Service layer where the business logic is?

It isn't considered as logic from my perspective. Validating data into controller is different from adding business logic to it. You aren't altering/manupulating data, but checking for the correctness of the data.

As mentioned above, some validations which follows business rules needs to be implemented in the service layer.

Edit : As you have added web-service tag, imagine that you are calling a web service & then at server side, it came to know that the data has improper format. It might have saved a round trip, server time, network resource etc. if it had been validated earlier.

like image 113
Nayan Wadekar Avatar answered Sep 28 '22 07:09

Nayan Wadekar
Sign in to Comment

Related questions

Java POJO attributes mapping
Android (Java) network programming resources [closed]
Is there a way to get a timeZone with (only) a country code (valid ISO-3166 code)?
Persisting Joda DateTime instead of Java Date in Hibernate
How can I customize the title bar on JFrame?
How to implement polymorphic JPA entities with generic relations
Is it possible to be informed when clipboard content changes outside of java
Why do the Java bytecodes for invoking methods implicitly acquire and release monitors?
Using PDFBox to write UTF-8 encoded strings to a PDF [duplicate]
How can I import NetBeans project to Eclipse and vise versa? [closed]
Factory design pattern - Not use static methods because unit testing is a problem
What is <spring:bind> for? When to use it, and when not to use it?
What is the difference between the <pathelement> attributes 'path' and 'location' in Ant?
Number of significant digits in scientific notation with DecimalFormat
A message body writer for Java class ... and MIME media type text/html was not found [duplicate]
Fastest way to delete cascade multiple objects in Hibernate
Confusion on NaN in Java
Import maven plugin configuration by composition rather than inheritance. Can it be done with build extensions?
Importing protocol buffer definitions between Maven projects
Why does reflection return two methods, when there is only one implementation?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!