I have a User
entity having email property annotated with @Email
@Email
private String email;
I am using @Valid
A email without .
may be considered as valid according to the validators.
In a general way, validator implementations (here it is probably the Hibernate Validator) are not very restrictive about emails.
For example the org.hibernate.validator.internal.constraintvalidators.AbstractEmailValidator javadoc states :
The specification of a valid email can be found in RFC 2822 and one can come up with a regular expression matching all valid email addresses as per specification. However, as this article discusses it is not necessarily practical to implement a 100% compliant email validator. This implementation is a trade-off trying to match most email while ignoring for example emails with double quotes or comments.
And as a side note, I noticed similarly things with HTML Validator for emails.
So I think that the behavior that you encounter actually is which one expected.
And about your question :
Do I need to pass my own regex implementation for @Email(regex="")
Indeed. You don't have any other choice if you want to make the validation more restrictive.
As alternative, this answer creating its own validator via a constraints composition is really interesting as it is DRY (you can reuse your custom ConstraintValidator
without specified at each time the pattern as it will be included in) and it reuses the "good part" of the @Email
ConstraintValidator
:
@Email(message="Please provide a valid email address")
@Pattern(regexp=".+@.+\\..+", message="Please provide a valid email address")
@Target( { METHOD, FIELD, ANNOTATION_TYPE })
@Retention(RUNTIME)
@Constraint(validatedBy = {})
@Documented
public @interface ExtendedEmailValidator {
String message() default "Please provide a valid email address";
Class>[] groups() default {};
Class extends Payload>[] payload() default {};
}