Radu Cotescu, profile picture
Uploaded byRadu Cotescu
1,750 views

Apache Sling Generic Validation Framework

This document discusses the Apache Sling Generic Validation Framework, which provides a way to validate input from clients or environments in Apache Sling applications. It presents the key components of the framework, including the ValidationService, ValidationModel, and ValidationResult. Features currently available include validation of resources and request parameters based on ValidationModel content structures. Planned features include JavaScript validators and client-side validation.

Embed presentation

Download to read offline
APACHE SLING & FRIENDS TECH MEETUP BERLIN, 22-24 SEPTEMBER 2014 Apache Sling Generic Validation Framework rev 3.20140922 Radu Cotescu ASF committer, Sling contributor Computer Scientist @ Adobe Systems @raducotescu -­‐ radu@apache.org
adaptTo() Apache Sling Generic Validation Framework The most common web application security weakness is the failure to properly validate input from the client or environment. [1] 2
adaptTo() A Bit of History 3
adaptTo() A Bit of History 4
The Building Blocks adaptTo() 5
adaptTo() The Building Blocks 6 ValidationService •main entry point into the Validation API •responsible for retrieving a ValidationModel and for performing the validation operation
adaptTo() The Building Blocks 6 ValidationModel •descriptive structure for the validated object
adaptTo() The Building Blocks 6 ResourceProperty •describes one of the validated object’s properties •it has a Type and optionally a Validator
adaptTo() The Building Blocks 6 Validator •validates a single piece of information •can receive arguments
adaptTo() The Building Blocks 6 ChildResource •defines validation rules for resource trees •it’s comprised of one or more ResourceProperty objects
adaptTo() The Building Blocks 6 ValidationResult •holds the validation result - boolean •it can contain validation error messages
adaptTo() Expressing a ValidationModel as content 7
adaptTo() Expressing a ValidationModel as content apps.validation.model.page --applicablePaths=[‘/content/p/1’, ‘/content/p/2’] --sling:resourceType=sling/validation/model --validatedResourceType=/apps/p/c/page greeting --propertyType=string org.apache.sling.validation.impl.validators.RegexValidator --validatorArguments=[‘regex=^HelloWorld$’] 8
codeExamples(); adaptTo() 9
adaptTo() The ValidationService // resource validation ValidationModel model = validationService.getValidationModel(resource); if (model != null) { ValidationResult result = validationService.validate(resource, model); } // request validation ValueMap map = request.adaptTo(ValueMap.class); ValidationModel model = validationService.getValidationModel(VALIDATED_RESOURCE_TYPE, APPLICABLE_PATH); if (model != null) { ValidationResult result = validationService.validate(map, model); } 10
adaptTo() Simple integration with Sling Models @PostConstruct protected void validateResource() { ValidationModel vm = validationService.getValidationModel(resource); if (vm != null) { ValidationResult vr = validationService.validate(resource, vm); if (!vr.isValid()) { // do your processing here } } } 11
adaptTo() Features available today 1. ValidationModels based on content structures. 2. The ValidationModels allow resource-tree validation but also request parameters validation. 3. Non-intrusive for existing Sling Models 12
adaptTo() Planned features 1. Provide JavaScript validators. 2. Translate ValidationModel content structures into JavaScript objects for client-side validation. 3. Define a Validation client library. 13
Demo adaptTo() 14
adaptTo() Apache Sling Generic Validation Framework 15
adaptTo() Thank you! Links & Resources https://github.com/raducotescu/org.apache.sling.validation https://issues.apache.org/jira/browse/SLING-2803 [1] https://www.owasp.org/index.php/Data_Validation#Description The demo artifacts can be found in the examples folder from the Git repository. 16

More Related Content

PPTX
Sling Models Overview
byJustin Edelson
 
PPTX
Sling models by Justin Edelson
byAEM HUB
 
PPTX
AEM and Sling
byLo Ki
 
PDF
Sling Models Using Sightly and JSP by Deepak Khetawat
byAEM HUB
 
PPTX
Mastering the Sling Rewriter
byJustin Edelson
 
PPTX
When Sightly Meets Slice by Tomasz Niedźwiedź
byAEM HUB
 
PDF
AEM Sightly Template Language
byGabriel Walt
 
PPTX
Building Creative Product Extensions with Experience Manager
byJustin Edelson
 
Sling Models Overview
byJustin Edelson
 
Sling models by Justin Edelson
byAEM HUB
 
AEM and Sling
byLo Ki
 
Sling Models Using Sightly and JSP by Deepak Khetawat
byAEM HUB
 
Mastering the Sling Rewriter
byJustin Edelson
 
When Sightly Meets Slice by Tomasz Niedźwiedź
byAEM HUB
 
AEM Sightly Template Language
byGabriel Walt
 
Building Creative Product Extensions with Experience Manager
byJustin Edelson
 

What's hot

PPTX
Introduction to Sightly and Sling Models
byStefano Celentano
 
PPTX
Integration patterns in AEM 6
byYuval Ararat
 
ODP
DynamicRecord Presentation
bylinoj
 
PDF
Sling Component Filters in CQ5
byconnectwebex
 
PPTX
Demystifying Oak Search
byJustin Edelson
 
PDF
slingmodels
byAnkur Chauhan
 
PDF
Seven Versions of One Web Application
byYakov Fain
 
PDF
Dart for Java Developers
byYakov Fain
 
PDF
Python Ireland Nov 2009 Talk - Appengine
byPython Ireland
 
PDF
Real Life MAF (2.2) Oracle Open World 2015
byLuc Bors
 
PPT
Spring training
byTechFerry
 
PPTX
React advance
byVivek Tikar
 
PDF
DS, BP, EJB, CDI, WTF!? - Graham Charters
bymfrancis
 
PPT
Hibernate training
byTechFerry
 
PDF
jDays2015 - JavaEE vs. Spring Smackdown
byMert Çalışkan
 
PPTX
Real life-maf-2015
byLuc Bors
 
PDF
Opinionated AngularJS
byprabhutech
 
PDF
Introduction to React Native Workshop
byIgnacio Martín
 
Introduction to Sightly and Sling Models
byStefano Celentano
 
Integration patterns in AEM 6
byYuval Ararat
 
DynamicRecord Presentation
bylinoj
 
Sling Component Filters in CQ5
byconnectwebex
 
Demystifying Oak Search
byJustin Edelson
 
slingmodels
byAnkur Chauhan
 
Seven Versions of One Web Application
byYakov Fain
 
Dart for Java Developers
byYakov Fain
 
Python Ireland Nov 2009 Talk - Appengine
byPython Ireland
 
Real Life MAF (2.2) Oracle Open World 2015
byLuc Bors
 
Spring training
byTechFerry
 
React advance
byVivek Tikar
 
DS, BP, EJB, CDI, WTF!? - Graham Charters
bymfrancis
 
Hibernate training
byTechFerry
 
jDays2015 - JavaEE vs. Spring Smackdown
byMert Çalışkan
 
Real life-maf-2015
byLuc Bors
 
Opinionated AngularJS
byprabhutech
 
Introduction to React Native Workshop
byIgnacio Martín
 

More from Radu Cotescu

PDF
Scaling API-first – The story of a global engineering organization
byRadu Cotescu
 
PDF
Paving the way to a native Sling
byRadu Cotescu
 
PDF
Using OSGi for script deployment in Apache Sling
byRadu Cotescu
 
PDF
Apache Sling Scripting Reloaded
byRadu Cotescu
 
PDF
HTL Compilers and Tooling
byRadu Cotescu
 
PDF
Modern Web Applications with Sightly
byRadu Cotescu
 
Scaling API-first – The story of a global engineering organization
byRadu Cotescu
 
Paving the way to a native Sling
byRadu Cotescu
 
Using OSGi for script deployment in Apache Sling
byRadu Cotescu
 
Apache Sling Scripting Reloaded
byRadu Cotescu
 
HTL Compilers and Tooling
byRadu Cotescu
 
Modern Web Applications with Sightly
byRadu Cotescu
 

Recently uploaded

PPTX
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
PDF
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
PDF
Physiotherapist App Development for Modern Rehabilitation
byV3CUBE TECHNOLABS
 
PDF
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
PPTX
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
PDF
Why I Volunteer at FOSDEM and You Should Too
byImma Valls Bernaus
 
PDF
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
PDF
Accelerating Data Validation with QuerySurge AI
byRTTS
 
PDF
2026-01-26 - AWS - Architecting Multi-Agent Developer Workflows.pdf
byhlibco
 
PDF
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
PDF
Figma systems development services
bydavidjohansen1597
 
PDF
The Growing Impact of Blockchain and Web3 on Digital Ownership With Paul Inou...
byPaul Inouye
 
PDF
AI-native development: from Prompt to Platform
byMaxim Salnikov
 
PPTX
Edison MuleSoft Meetup : Vibe Coding | MuleSoft Meetups
bySravan Lingam
 
PDF
On Demand Grocery Delivery App Development.pdf
byV3CUBE TECHNOLABS
 
PDF
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
PPTX
Salesforce Spring '26 Release presentation - Melbourne Salesforce User Group
byAnne N
 
PDF
谷歌留痕技术教程[ 𝙩𝙤𝙥 𝟮𝟯𝟯. 𝙘 𝙤𝙢 ]
by6stynggfo
 
PPTX
Device Repair and Maintenance Management
byAxisTechnolabs
 
PDF
Windows Server 2025 Administration Fundamentals 4ED
byraynasolomon136
 
HackYourBrain_JFokusConference_03022026.pptx
bySimonedeGijt
 
Track Phone Location on iPhone (2026)_ What Actually Works, What’s a Scam, an...
byOlive Dimitrescu
 
Physiotherapist App Development for Modern Rehabilitation
byV3CUBE TECHNOLABS
 
20260201 [FOSDEM] gomodjail - library sandboxing for Go modules.pdf
byAkihiro Suda
 
HR Software for Construction: Smarter Workforce & Payroll Management
byhelixtahr
 
Why I Volunteer at FOSDEM and You Should Too
byImma Valls Bernaus
 
2026 Safety Roadmap: Systems, Skills, and Scale for EHS Leaders
byTECH EHS Solution
 
Accelerating Data Validation with QuerySurge AI
byRTTS
 
2026-01-26 - AWS - Architecting Multi-Agent Developer Workflows.pdf
byhlibco
 
Animated Safety Induction: A Smarter Way to Onboard for Workplace Safety
byTECH EHS Solution
 
Figma systems development services
bydavidjohansen1597
 
The Growing Impact of Blockchain and Web3 on Digital Ownership With Paul Inou...
byPaul Inouye
 
AI-native development: from Prompt to Platform
byMaxim Salnikov
 
Edison MuleSoft Meetup : Vibe Coding | MuleSoft Meetups
bySravan Lingam
 
On Demand Grocery Delivery App Development.pdf
byV3CUBE TECHNOLABS
 
Image and video processing: From Mars to Hollywood with a stop at the hospita...
byHarinath Palavalli
 
Salesforce Spring '26 Release presentation - Melbourne Salesforce User Group
byAnne N
 
谷歌留痕技术教程[ 𝙩𝙤𝙥 𝟮𝟯𝟯. 𝙘 𝙤𝙢 ]
by6stynggfo
 
Device Repair and Maintenance Management
byAxisTechnolabs
 
Windows Server 2025 Administration Fundamentals 4ED
byraynasolomon136
 

Apache Sling Generic Validation Framework

  • 1.
    APACHE SLING &FRIENDS TECH MEETUP BERLIN, 22-24 SEPTEMBER 2014 Apache Sling Generic Validation Framework rev 3.20140922 Radu Cotescu ASF committer, Sling contributor Computer Scientist @ Adobe Systems @raducotescu -­‐ radu@apache.org
  • 2.
    adaptTo() Apache SlingGeneric Validation Framework The most common web application security weakness is the failure to properly validate input from the client or environment. [1] 2
  • 3.
    adaptTo() A Bitof History 3
  • 4.
    adaptTo() A Bitof History 4
  • 5.
    The Building Blocks adaptTo() 5
  • 6.
    adaptTo() The BuildingBlocks 6 ValidationService •main entry point into the Validation API •responsible for retrieving a ValidationModel and for performing the validation operation
  • 7.
    adaptTo() The BuildingBlocks 6 ValidationModel •descriptive structure for the validated object
  • 8.
    adaptTo() The BuildingBlocks 6 ResourceProperty •describes one of the validated object’s properties •it has a Type and optionally a Validator
  • 9.
    adaptTo() The BuildingBlocks 6 Validator •validates a single piece of information •can receive arguments
  • 10.
    adaptTo() The BuildingBlocks 6 ChildResource •defines validation rules for resource trees •it’s comprised of one or more ResourceProperty objects
  • 11.
    adaptTo() The BuildingBlocks 6 ValidationResult •holds the validation result - boolean •it can contain validation error messages
  • 12.
    adaptTo() Expressing aValidationModel as content 7
  • 13.
    adaptTo() Expressing aValidationModel as content apps.validation.model.page --applicablePaths=[‘/content/p/1’, ‘/content/p/2’] --sling:resourceType=sling/validation/model --validatedResourceType=/apps/p/c/page greeting --propertyType=string org.apache.sling.validation.impl.validators.RegexValidator --validatorArguments=[‘regex=^HelloWorld$’] 8
  • 14.
  • 15.
    adaptTo() The ValidationService // resource validation ValidationModel model = validationService.getValidationModel(resource); if (model != null) { ValidationResult result = validationService.validate(resource, model); } // request validation ValueMap map = request.adaptTo(ValueMap.class); ValidationModel model = validationService.getValidationModel(VALIDATED_RESOURCE_TYPE, APPLICABLE_PATH); if (model != null) { ValidationResult result = validationService.validate(map, model); } 10
  • 16.
    adaptTo() Simple integrationwith Sling Models @PostConstruct protected void validateResource() { ValidationModel vm = validationService.getValidationModel(resource); if (vm != null) { ValidationResult vr = validationService.validate(resource, vm); if (!vr.isValid()) { // do your processing here } } } 11
  • 17.
    adaptTo() Features availabletoday 1. ValidationModels based on content structures. 2. The ValidationModels allow resource-tree validation but also request parameters validation. 3. Non-intrusive for existing Sling Models 12
  • 18.
    adaptTo() Planned features 1. Provide JavaScript validators. 2. Translate ValidationModel content structures into JavaScript objects for client-side validation. 3. Define a Validation client library. 13
  • 19.
  • 20.
    adaptTo() Apache SlingGeneric Validation Framework 15
  • 21.
    adaptTo() Thank you! Links & Resources https://github.com/raducotescu/org.apache.sling.validation https://issues.apache.org/jira/browse/SLING-2803 [1] https://www.owasp.org/index.php/Data_Validation#Description The demo artifacts can be found in the examples folder from the Git repository. 16