I have a User
entity having email property annotated with @Email
@Email
private String email;
I am using @Valid
(javax.validation.Valid) annotation on my Controller class. The issue is that the controller validator is passing the invalid emails. Example:
pusp@1 - obviously this is an invalid email address
pusp@fake
The pattern I noticed is, the @Email
only want sometext@text, it don't care for the extensions(.com/org etc). Is it the expected behaviour? Do I need to pass my own regex implementation for @Email(regex="")
A email without .
may be considered as valid according to the validators.
In a general way, validator implementations (here it is probably the Hibernate Validator) are not very restrictive about emails.
For example the org.hibernate.validator.internal.constraintvalidators.AbstractEmailValidator
javadoc states :
The specification of a valid email can be found in RFC 2822 and one
can come up with a regular expression matching all valid email
addresses as per specification. However, as this article discusses it
is not necessarily practical to implement a 100% compliant email
validator. This implementation is a trade-off trying to match most
email while ignoring for example emails with double quotes or
comments.
And as a side note, I noticed similarly things with HTML Validator for emails.
So I think that the behavior that you encounter actually is which one expected.
And about your question :
Do I need to pass my own regex implementation for @Email(regex="")
Indeed. You don't have any other choice if you want to make the validation more restrictive.
As alternative, this answer creating its own validator via a constraints composition is really interesting as it is DRY (you can reuse your custom ConstraintValidator
without specified at each time the pattern as it will be included in) and it reuses the "good part" of the @Email
ConstraintValidator
:
@Email(message="Please provide a valid email address")
@Pattern(regexp=".+@.+\\..+", message="Please provide a valid email address")
@Target( { METHOD, FIELD, ANNOTATION_TYPE })
@Retention(RUNTIME)
@Constraint(validatedBy = {})
@Documented
public @interface ExtendedEmailValidator {
String message() default "Please provide a valid email address";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}