Validation Framework - Part One
Our previous project was a web application with high security requirements.So we decided to use validations to validate the input and prevent user from entering harmful data or data that could make an application behave unexpectedly.We choose to use both client and server side validations on our pages because there was a possibilty of user disabling javascript on the browser and hence bypassing client side validations.Hence Regular ASP.NET validation controls were used and we had Required Field Validators, Regex Validators, Range Validators and Custom Validators across our pages.We set the EnableClientSide property of the validators to true to make sure client side validations fire.Once client side validations passed, on every postback event we were again checking for Page.IsValid property before proceeding to our event handling code.Now to evaluate Page.IsValid property, ASP.NET fires all validations again on the server side as well.
Well, the project is over and working fine.I moved on to my next assignment.Now I was wondering if the previous approach was the best one.Somehow the idea of firing the validations twice bothered me.Besides you remove your web pages and try consuming your business logic layer through some other client like a windows application or a web service, you leave your business logic vulnerable.The validations are gone.You need to rework.Tying it to the entity level is a better idea because at the end of the day you will be binding these entities to your web pages and passing them across your layers.Hence thats is what is actually getting validated.So what I am thinking of is some sort of a framework which would be tied to the entity and would be invoked whenever the entity is getting used, either in the web page or through a windows application or through some other web service call.
So I tried using Enterprise Library's Validation Application Block and I found it was a little closer to what I had in my mind, only thing I find it a little inflexible.So the search for a better way of validating is still on...will keep you posted once I figure out how I can achieve what I have in my mind for my current project.
Well, the project is over and working fine.I moved on to my next assignment.Now I was wondering if the previous approach was the best one.Somehow the idea of firing the validations twice bothered me.Besides you remove your web pages and try consuming your business logic layer through some other client like a windows application or a web service, you leave your business logic vulnerable.The validations are gone.You need to rework.Tying it to the entity level is a better idea because at the end of the day you will be binding these entities to your web pages and passing them across your layers.Hence thats is what is actually getting validated.So what I am thinking of is some sort of a framework which would be tied to the entity and would be invoked whenever the entity is getting used, either in the web page or through a windows application or through some other web service call.
So I tried using Enterprise Library's Validation Application Block and I found it was a little closer to what I had in my mind, only thing I find it a little inflexible.So the search for a better way of validating is still on...will keep you posted once I figure out how I can achieve what I have in my mind for my current project.
Comments