Using Jakarta Bean Validation for Robust Data Validation in Java Applications

In modern development, most front‑end data comes from APIs, so ensuring that the received data is accurate, legal, and does not break the application is essential; Jakarta Bean Validation provides a standardized, annotation‑based approach to achieve this.

The Jakarta Bean Validation (formerly Java Bean Validation) specification defines a set of standard interfaces for data validation, with Hibernate Validator being the most widely used implementation. The standard has evolved through three JSR versions (JSR‑349, JSR‑380, etc.) and is now maintained by the Eclipse Foundation.

Typical use cases include validating data after an API is intercepted or tampered with, monitoring third‑party service responses, component‑level validation in modular applications, and online issue diagnosis by reporting abnormal data to monitoring platforms.

Java annotations serve as metadata that can be applied to classes, methods, fields, or parameters. They enable declarative validation without cluttering business logic, improve readability, and promote reuse across multiple interfaces.

To use Jakarta Bean Validation, add the appropriate dependencies. For the validation‑api‑1.1 version, the Gradle snippet is:

api 'org.hibernate:hibernate-validator:5.0.+'
implementation 'javax.el:javax.el-api:2.2.4'
implementation 'org.glassfish.web:javax.el:2.2.4'

For validation‑api‑2.0, the dependencies change to:

api group: 'org.hibernate.validator', name: 'hibernate-validator', version: '6.0.+'
api 'org.glassfish:javax.el:3.0.+'

Configuration is straightforward: create a HibernateValidatorConfiguration , enable fast‑fail mode if desired, set a custom message interpolator, and ignore XML configuration when not needed.

HibernateValidatorConfiguration configuration = Validation.byProvider(HibernateValidator.class).configure()
    .failFast(true)
    .messageInterpolator(null)
    .ignoreXmlConfiguration();
ValidatorFactory factory = configuration.buildValidatorFactory();

Common validation annotations for primitive types include @AssertFalse , @AssertTrue , @DecimalMax , @DecimalMin , @Future , @Past , @Max , @Min , @NotNull , @Null , and @Size . A sample bean with these annotations is shown below.

public class ValidationBean {
    @AssertFalse(message = "must be false")
    public boolean assertFalse;
    @AssertTrue(message = "must be true")
    public boolean assertTrue;
    @DecimalMax(value = "55", message = "cannot exceed 55")
    public int decimalMax;
    @DecimalMin(value = "55", message = "cannot be less than 55")
    public int decimalMin;
    @Future(message = "must be in the future")
    public Date futureDate;
    @Past(message = "must be in the past")
    public Date pastDate;
    @Max(5)
    public int max;
    @Min(5)
    public int min;
    @NotNull(message = "cannot be null")
    public Object objNotNull;
    @Null(message = "must be null")
    public Object objNull;
    @Size(min = 1, max = 5, message = "length must be 1‑5")
    public String strLength;
}

Testing the bean with deliberately invalid values produces a set of ConstraintViolation objects that can be logged or sent to a monitoring system.

For composite objects, the @Valid annotation enables cascade validation. Example:

public static class SubValidationBean {
    @NotNull(message = "name cannot be null")
    public String name;
    @NotNull(message = "id cannot be null")
    public String id;
}

public class ValidationBean {
    @Valid
    public SubValidationBean subBean;
    @Valid
    @NotNull(message = "list cannot be null")
    @Size(min = 1, max = 5, message = "list size must be 1‑5")
    public List
beanList;
}

Advanced features include ordered validation using @GroupSequence and multi‑field validation with @GroupSequenceProvider . The following snippet demonstrates group sequencing:

public class GroupSequenceValidate {
    public interface OrderFirst {}
    public interface OrderSecond {}
    public interface OrderThird {}
    @NotNull(message = "first cannot be null", groups = OrderFirst.class)
    public String first;
    @NotNull(message = "second cannot be null", groups = OrderSecond.class)
    public String second;
    @NotNull(message = "third cannot be null", groups = OrderThird.class)
    public String third;
    @GroupSequence({OrderFirst.class, OrderSecond.class, OrderThird.class})
    public interface Group {}
}

Multi‑field validation can be achieved by implementing DefaultGroupSequenceProvider and annotating the bean with @GroupSequenceProvider . An example validates revenue ranges based on age brackets.

public class RevenueStaticsProvider implements DefaultGroupSequenceProvider
{
    @Override
    public List
> getValidationGroups(RevenueStatics bean) {
        List
> groups = new ArrayList<>();
        groups.add(RevenueStatics.class);
        if (bean != null) {
            int age = bean.ageRange;
            if (age >= 20 && age < 30) {
                groups.add(RevenueStatics.AgeRangeFrom20To30.class);
            } else if (age >= 30 && age < 40) {
                groups.add(RevenueStatics.AgeRangeFrom30To40.class);
            }
        }
        return groups;
    }
}

@GroupSequenceProvider(RevenueStaticsProvider.class)
public class RevenueStatics {
    @Range(min = 10, max = 40)
    public int ageRange;
    @Range.List({
        @Range(min = 10, max = 30, groups = AgeRangeFrom20To30.class),
        @Range(min = 30, max = 50, groups = AgeRangeFrom30To40.class)
    })
    public int revenueRange;
    public interface AgeRangeFrom20To30 {}
    public interface AgeRangeFrom30To40 {}
}

The article concludes that Jakarta Bean Validation is quick to adopt, easy to use, and powerful, making it a worthwhile addition to Java backend projects. Future work includes dynamic rule distribution via XML on a custom platform, while current challenges involve compatibility with Android’s limited Java 8 support and the extra maintenance effort required for custom adaptations.

References: Bean‑Validation official site, JSR‑380 specification, Hibernate‑Validator documentation and source code.