Java Server Faces form validators

Posted by marian on November 01, 2009

There are three clear trends towards building web-pages these days: PHP, ASP, and JSP / JSF / Struts.
This post addresses the problem of writing custom data validators for web forms.
Validators are introduced in JSF pages by the “validator” tag, a custom input field looking like:

The name of the validator is given by the validatorId.

The mapping between the validatorId and the class handling the validation is done through the faces-config.xml.
<?xml version=’1.0′ encoding=’UTF-8′?>
<faces-config version=”1.2″
xmlns=”http://java.sun.com/xml/ns/javaee”
xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance”
xsi:schemaLocation=”http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-facesconfig_1_2.xsd”>
<managed-bean>

</managed-bean>

<navigation-rule>
<from-view-id> … </from-view-id>
<navigation-case>
<from-outcome>…</from-outcome>
<to-view-id>…</to-view-id>
</navigation-case>
</navigation-rule>

<validator>
<validator-id>NameValidator</validator-id>
<validator-class>NameValidator</validator-class>
</validator>
</faces-config>
The name validator is backed up by some Java code, that handles the corresponding validation. Basically a custom field validator implements the marker interface javax.faces.validator.Validator, having a single method called validate. The data is passed to our validating class through the mediation of the “value” object, which has to be cast to the type we are expecting it to be. To offer greater flexibility I created an Abstract Class which handles all the JSF’s API calls, which is latter implemented by a concrete class.

  1. import javax.faces.application.FacesMessage;
  2. import javax.faces.component.UIComponent;
  3. import javax.faces.context.FacesContext;
  4. import javax.faces.validator.Validator;
  5. import javax.faces.validator.ValidatorException;
  6.  
  7. public abstract class AbstractValidator implements Validator{
  8.  
  9.     public abstract boolean validValue(String text);
  10.     public abstract String getErrorMessage();
  11.  
  12.     public void validate(FacesContext context, UIComponent component,
  13.             Object value) {
  14.  
  15.         if (value == null) return;
  16.  
  17.         String text = value.toString();
  18.  
  19.         if (!validValue(text)) {
  20.              FacesMessage message = new FacesMessage(
  21.                         FacesMessage.SEVERITY_ERROR,
  22.                         getErrorMessage(), null);
  23.                 throw new ValidatorException(message);
  24.         }
  25.     }
  26. }

The concrete class adapts our abstract validator to our needs :

  1. public class NameValidator extends AbstractValidator {
  2.  
  3.     private char prohibited[] = {'/', '.'};
  4.     private static String ERROR_MESSAGE = "Invalid name format.";
  5.  
  6.     @Override
  7.     public String getErrorMessage(){
  8.         return ERROR_MESSAGE;
  9.     }
  10.  
  11.      @Override
  12.     public boolean validValue(String text) {
  13.         if (text.length()==0) {
  14.              return false;
  15.         }
  16.         for (int i = 0; i &lt; prohibited.length; i++) {
  17.             if (text.indexOf(prohibited[i]) != -1) {
  18.                 return false;
  19.             }
  20.         }
  21.         return true;
  22.     }
  23. }

A sample IPtables configuration script

Posted by marian on November 01, 2009 

PATH=/sbin:/usr/sbin:/bin:/usr/bin
export PATH

# flush all chains
iptables -F
# set the default policy for each of the pre-defined chains
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
#qemu, kvm
iptables  -A POSTROUTING -s 192.168.122.0/24 -d ! 192.168.122.0/24 -j MASQUERADE
#create a new chain for reporting droped packets
iptables -N LOGDROP
iptables -A LOGDROP -j LOG
iptables -A LOGDROP -j DROP
# allow establishment of connections initialised by my outgoing packets
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
#qemu, kvm
iptables -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
iptables -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
iptables -A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
iptables -A INPUT -p tcp --dport 111 -j DROP
# accept anything on localhost
iptables -A INPUT -i lo -j ACCEPT
#!!!!#drop everything else
iptables -A INPUT -j LOGDROP
#qemu, kvm
iptables -A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
iptables -A FORWARD -i virbr0 -o virbr0 -j ACCEPT
iptables -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
iptables -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
#!!!!#drop everything else
iptables -A OUTPUT -p tcp -m tcp --dport 5432 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 8443 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 5432 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 8080 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 1900 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 135 -j  DROP
iptables -A OUTPUT -p tcp -m tcp --dport 435 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 631 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 111 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 25 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 4444 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 8099 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 6000 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 2049 -j DROP
iptables -A OUTPUT -p tcp -m tcp --dport 5901 -j ACCEPT
iptables -A OUTPUT -j ACCEPT
#iptables -A LOGDROP -m limit --limit 1/sec -j LOG --log-prefix "iptables denied: " --log-level 7
#iptables -A LOGDROP -j DROP