JCH
Java Community | Help. Code. Learn.8mo ago
Victor

SPRING: validation returning error 500 instead of 400

Why does the validation return an internal server error instead of a bad request when the request does not pass validation? I've seen some videos about validation and in the examples it returned a bad request but in my application its returning error 500, here is my model class 
@Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;
    //@Column(nullable = false, unique = true)
    @NotBlank
    private String username;
    @Column(nullable = false, unique = true)
    private String email;
@Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;
    //@Column(nullable = false, unique = true)
    @NotBlank
    private String username;
    @Column(nullable = false, unique = true)
    private String email;
the post method 
@PostMapping
    public ResponseEntity<UserModel> postUser(@Valid
                                              @RequestBody UserDTO userDTO) {

        var user = new UserModel();
        BeanUtils.copyProperties(userDTO, user);
        return ResponseEntity.status(HttpStatus.CREATED).body(userService.save(user));

    }
@PostMapping
    public ResponseEntity<UserModel> postUser(@Valid
                                              @RequestBody UserDTO userDTO) {

        var user = new UserModel();
        BeanUtils.copyProperties(userDTO, user);
        return ResponseEntity.status(HttpStatus.CREATED).body(userService.save(user));

    }
and this is the error when i send a request with a blank username: jakarta.validation.ConstraintViolationException: Validation failed for classes [com.vss.wardrober.models.UserModel] during persist time for groups [jakarta.validation.groups.Default, ] List of constraint violations:[ ConstraintViolationImpl{interpolatedMessage='must not be blank', propertyPath=username, rootBeanClass=class com.vss.wardrober.models.UserModel, messageTemplate='{jakarta.validation.constraints.NotBlank.message}'} ]
4 Replies
JavaBot
JavaBot8mo ago
This post has been reserved for your question.
Hey @Victor! Please use /close or the Close Post button above when your problem is solved. Please remember to follow the help guidelines. This post will be automatically closed after 300 minutes of inactivity.
TIP: Narrow down your issue to simple and precise questions to maximize the chance that others will reply in here.
Peter Rader
Peter Rader8mo ago
The request allow a blank username, no 400 here! The response is not allowed to have a blank username, so the code 500 must be thrown. TLDR; As you can read here: https://datatracker.ietf.org/doc/html/rfc7231#section-6.5.1 The code 400 is used for a invalid request 
The 400 (Bad Request) status code indicates that the server cannot or
   will not process the request due to something that is perceived to be
   a client error (e.g., malformed request syntax, invalid request
   message framing, or deceptive request routing).
The 400 (Bad Request) status code indicates that the server cannot or
   will not process the request due to something that is perceived to be
   a client error (e.g., malformed request syntax, invalid request
   message framing, or deceptive request routing).
The request is expressed by your class UserDTO and 1. Thy syntax is correct 2. The message framing is correct 3. the deceptive request routing is correct 4. the client has no error. So 400 is indeed inappropriate! The problem starts during the serialization of the UserModel. You return a UserModel. The UserModel is a entity, thats fine. But UserModel have a blank username, that is not ok. Suggestion: Modify the UserDTO to disallow blank usernames.
Victor
VictorOP8mo ago
Thanks for the help! I think i understand, i'll try it out tomorrow but can you explain what you mean by "the deceptive request routing is correct?" thanks
JavaBot
JavaBot8mo ago
If you are finished with your post, please close it. If you are not, please ignore this message. Note that you will not be able to send further messages here after this post have been closed but you will be able to create new posts. 💤 Post marked as dormant
This post has been inactive for over 300 minutes, thus, it has been archived. If your question was not answered yet, feel free to re-open this post or create a new one. In case your post is not getting any attention, you can try to use /help ping. Warning: abusing this will result in moderative actions taken against you.

Did you find this page helpful?