Validation rules that are not related to datatypes or parameter value validation cannot be defined in the datatypes.xml file.
But you can define such rules by creating a new Rule XML files. The rules XML files can be registered with the application by adding a context parameter for each rule XML file in the web.xml file.
To define a rule for input validation, create an XML file in the following format:
<ValidationRules>
<Rule id="" ruleType="Regex" inputType="" inputName="" uri="" maxLength=""
minLength="" allowNull="" >
<Whitelist>
<RegularExpression ref="" />
</Whitelist>
<Blacklist>
<RegularExpression ref="" />
</Blacklist>
</Rule>
<Rule id="" ruleType="Java" inputType="" inputName="" uri="" impl="" />
<Rule id="abstract1" ruleType="Java" abstract="true" impl="" />
<Rule id="" extends="abstract1" inputType="" inputName="" uri="" />
<Rule id="abstract2" ruleType="Regex" abstract="true" maxLength=""
minLength="" allowNull="" >
<Whitelist>
<RegularExpression ref="" />
</Whitelist>
<Blacklist>
<RegularExpression ref="" />
</Blacklist>
</Rule>
<Rule id="" extends="abstract2" inputType="" inputName="" uri="" maxLength=""
minLength="" allowNull="" />
</ValidationRules>
The following table describes various elements and attributes of the rules XML file.
Element/Attribute |
Description |
---|---|
ValidationRules |
Required. The rules XML file must have ValidationRules as root element. |
Rule |
Optional. Each rule (either java rule or regular expression rule) must be defined as one Rule element. It can have zero or more occurrences. |
id |
Optional. Unique identifier for the rule. Note: This attribute is required, if you are extending an existing rule. If not provided, the existing rule cannot be extended. If a duplicate id found, and it does not result into extension, an exception is thrown. |
abstract |
Optional. Set the value of this attribute to true, if the rule is an abstract rule. An abstract rule can be extended by another rule. |
extends |
Optional. Identifier of the abstract rule being extended. |
ruleType |
Required. Type of rule. Valid Values: Java™, Regex. Note: If
the rule is extending an abstract rule, this attribute should not
be present.
|
inputType |
Required. Type of the input. Valid Values: HTTPParameterValue, HTTPParameterName, HTTPCookieValue, HTTPCookieName, HTTPHeaderValue, HTTPHeaderName, HTTPScheme, HTTPServerName, HTTPContextPath, HTTPPath, HTTPQueryString, HTTPURI, HTTPURL, HTTPJSESSIONID, HTTPServletPath, JavascriptClient. Note: The JavascriptClient input
type is used to fetch validation rules on the client for inputs, which
do not have any datatype associated with them.
Note: For input type JavascriptClient, only global or default
rules can be defined. Therefore, valid values for attribute inputName
are _global_ or _default_. Value of attribute uri is ignored. The
impl attribute should contain the name of the javascript method. The
regular expression defined by attribute ref should have a javascript
regular expression.
Note: For abstract rules,
this attribute should not be present.
|
inputName |
Required. Name of the input. Note: For abstract rules, this attribute should not be present.
|
uri |
Optional. URI for which the rule should be valid. Note: For abstract rules, this attribute should not be present.
|
Child Elements and Attributes for rule type Java |
|
impl |
Required. Fully qualified name of the rule implementation class. This class must extend the ISCValidaitonRule class. Note: If the rule is extending an abstract rule, this attribute
should not be present.
|
Child Elements and Attributes for rule type Regex |
|
maxLength |
Optional. Allowed maximum length. Valid Values: number, string. Note: If the rule is extending
an abstract rule, this value will override the maxLength defined for
an abstract rule.
|
minLength |
Optional. Allowed minimum length. Valid Values: number, string. Note: If the rule is extending an
abstract rule, this value will override the minLength defined for
an abstract rule.
|
allowNull |
Optional. Set the value of this attribute to false, if you want to mandate the value for the input. Valid Values: true, false. Note: If the rule is extending
an abstract rule, this value will override the allowNull defined for
an abstract rule.
|
Whitelist |
Optional. Container element for white list patterns. It can have zero or one occurrence. Note: If the
rule is extending an abstract rule, this attribute should not be present.
|
Blacklist |
Optional. Container element for black list patterns. It can have zero or one occurrence. Note: If the
rule is extending an abstract rule, this attribute should not be present.
|
RegularExpression |
Optional. This element can have zero or many occurrences. |
ref |
Required. Reference of the regular expression definition. |