How do you implement conditional validation in a WPF application?
In this case the validation is based on user intention, not other property values.
When the user issues an Approve command then a particular property must be present. An error message and error border should appear.
When the user issues a Deny command I don't care. No error is required if the property is not entered.
Related
I am making an website that has register and login functionality which works fine. However, I want to add confirmation code process after the registration process.
I can create a random confirmation code in frontend(Angular) side and send it with SMTP protocol to user email account and user should enter this confirmation code in 2 minutes. However when I think more, it can cause a conflict(very slight possibility but not impossible) like it can be generated same confirmation code in 2 minutes.
So, now I decided to generate confirmation code in backend side(Spring Boot) and make the confirmation checking in backend side. So, in backend side I should check the generated confirmation code is generated already in 2 minutes.
Thus, I can use a dynamic list that has active confirmation codes and search the generated confirmation code in the list. If the code exist in the list, then create another one until the list doesn't have.
How can I create a dynamic global list that can be visible among all different request in Spring Boot?
Or there is another way(best practice) for this confirmation process?
In Keycloak we have a created a custom ftl registration theme that has removed the optional first name and last name fields. Our system only requires the user to have an email address and password.
However when the user hits enter an error is displayed indicating that the first name and last name need to be entered.
In the Keycloak UserModel these fields are optional, and it is also possible to create users via the admin console / api without firstname and lastname.
How do we remove these fields from the keycloak form validation on the registration screen?
Profile Validation can be disabled from the Authentication -> Flows area in the Admin Console.
Changing the dropdown option to 'Registration' will display the actions used on the Registration Form. Setting 'Profile Validation' to DISABLED will prevent the RegistrationProfile Form Action from being used.
This will prevent all 3 fields (First Name, Last Name & Email) from being checked, you would probably need to implement your own validation action if you wanted more control over which fields to check.
I'm just trying to understand the "Validation" within Spring MVC. I set up a small validation form, which is working just fine. However I got a couple of questions all those Tutorials don't answer
As far as I understood the Validator just gets every form-element altered and checks if it is valid or not. What if I want a user to only be able to alter specific form-elements.
Let's say I have an Admin and a regular User on my webpage, they both are allowed to edit their profiles. The admin however is allowed to alter his username, the regular isn't allowed to do that. They both use the "edit-profile.jsp" and therefore the same Validator. I could just grey out the username field in my regular user's view, but let's assume he's not a total BDU and adds a form-field via debugger of his webbrowser, overriding the actual username input-field. He then alters his username and sends the request to MVC. The validator assumes the username altered came from the original input-field and updates the user's nickname in the db accordingly, since both, the admin and the regular user just use the same Validator and the same "updateAllAltered"-DAO method. The same goes for select option-lists. Let's say the Admin is allowed to set a status of a profile to active AND inactive. The user however is only allowed to set it's own profile to inactive but can't reactivate it by himself. I could do the same as above, just altering the option-panel in the frontend to only show "INACTIVE" in the regular user's dropdown box. But we could repeat the same scenario, where the user just adds a debug form-field containing also the option "ACTIVE". This can get out of hand if e.g. the Admin is allowed to change Roles to "admin, member, moderator", while a user, who's i.e. a moderator within a forum can change roles to "member or moderator". He could just again add another field and plugin "admin" and gain total control of the forum.
How is this handled in Spring?
Basically you have to handle by spring security for your use case, design your application security, you will find basic spring security examples easily.
Example you can block your HTML code in JSP by spring security tags by user roles.
<sec:authorize access="hasAnyRole('ROLE_ADMIN')">
Delete
</sec:authorize>
You can annotate any of your methods by roles to block access.
#Secured({ "ROLE_ADMIN" })
Can you suggest good practices for information related to validation messages in the user interface. Assuming you have a the following tables (User, Address, Email) and we use JPA to model our entities and the underlying validation provider is Hibernate.
The default messages which are throws when a value is empty or incorrect is either
validator.required=value is required
validator.notNull=may not be null
It would be ideal to provide user friendly messages like.
Enter your password here
Enter your first name
Enter the city name
City name cannot contain numerical characters
Any suggestions on web sites which already do this or a set of grammatically correct sample messages for the exisiting default keys shipped as part of hibernate validator jar will be useful.
I found this link from www.SmashingMagazine.com to be an excellent article on error messages, validation and other aspects of providing feedback to your site users.
I am interested in customizing the authentication method for a Joomla website.
There is a comprehensive tutorial on how to make a custom authentication plug-in, however a plug-in of that sort customizes the behavior on each log-in.
The behavior I need to implement should occur only once during registration. Is there any way to implement this?
You'll want to create a user plugin that responds to the onBeforeStoreUser event instead of an authentication plugin. The plugin creation process is much the same for user plugins. The onBeforeStoreUser event receives two arguments: the user object and a boolean flag indicating whether or not the user is a new one.
You can look at plugins/user/example.php to see all of the user plugin event handlers.