値の書き換えを防ぐValidator
hiddenタグの値を、JavaScriptとかリクエスト改ざんで
書き換えられた場合に、エラーを出力するバリデータ。
確認画面のhiddenタグには、必ず埋め込まなきゃいかんでしょう。
package examples.jsf.validator;
import javax.faces.component.StateHolder;
import javax.faces.component.UIComponent;
import javax.faces.component.UIInput;
import javax.faces.context.FacesContext;
import javax.faces.validator.Validator;
import javax.faces.validator.ValidatorException;
import org.seasar.jsf.util.MessageUtil;
import org.seasar.jsf.util.UIComponentUtil;
public class UnalteredValidator implements Validator, StateHolder {
public static final String MESSAGE_ID = "examples.jsf.validator.UnalteredValidator.ALTERED";
private boolean bTransient = false;
public void validate(FacesContext context, UIComponent component,
Object value) throws ValidatorException {
if (value == null) {
return;
}
UIInput input = (UIInput) component;
Object oldValue = input.getValue();
if (value.equals(oldValue) == false) {
Object[] args = { UIComponentUtil.getLabel(component) };
throw new ValidatorException(MessageUtil.getErrorMessage(
MESSAGE_ID, args));
}
}
public boolean isTransient() {
return bTransient;
}
public void setTransient(boolean transientValue) {
this.bTransient = transientValue;
}
public Object saveState(FacesContext context) {
return new Object[0];
}
public void restoreState(FacesContext context, Object state) {
}
}
