Bird
Raised Fist0
Spring Bootframework~5 mins

DTO validation in Spring Boot

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Introduction

DTO validation helps check if the data sent to your app is correct before using it. It stops bad or missing data early.

When receiving user input from a web form to create or update data.
When accepting JSON data in a REST API request.
When you want to ensure required fields are filled and follow rules like email format or number ranges.
When you want to give clear error messages if data is wrong.
When you want to keep your app safe from invalid or harmful data.
Syntax
Spring Boot
public class UserDTO {
    @NotNull
    @Size(min = 2, max = 30)
    private String name;

    @Email
    private String email;

    @Min(18)
    private Integer age;

    // getters and setters
}

Use annotations like @NotNull, @Size, @Email, @Min on DTO fields.

Spring Boot automatically checks these when you add @Valid in your controller method parameter.

Examples
This example checks that productName is not empty and price is a positive number.
Spring Boot
public class ProductDTO {
    @NotBlank
    private String productName;

    @Positive
    private Double price;

    // getters and setters
}
This example ensures username and password are not empty strings.
Spring Boot
public class LoginDTO {
    @NotEmpty
    private String username;

    @NotEmpty
    private String password;

    // getters and setters
}
Sample Program

This Spring Boot controller accepts a POST request with JSON data for a user. It checks the data using DTO validation annotations. If data is invalid, Spring returns errors automatically. If valid, it returns a success message.

Spring Boot
import jakarta.validation.Valid;
import jakarta.validation.constraints.*;
import org.springframework.web.bind.annotation.*;
import org.springframework.validation.annotation.Validated;
import org.springframework.http.ResponseEntity;

@RestController
@RequestMapping("/users")
@Validated
public class UserController {

    public static class UserDTO {
        @NotNull(message = "Name is required")
        @Size(min = 2, max = 30, message = "Name must be 2-30 characters")
        private String name;

        @Email(message = "Email must be valid")
        private String email;

        @Min(value = 18, message = "Age must be at least 18")
        private Integer age;

        // getters and setters
        public String getName() { return name; }
        public void setName(String name) { this.name = name; }
        public String getEmail() { return email; }
        public void setEmail(String email) { this.email = email; }
        public Integer getAge() { return age; }
        public void setAge(Integer age) { this.age = age; }
    }

    @PostMapping
    public ResponseEntity<String> createUser(@RequestBody @Valid UserDTO user) {
        return ResponseEntity.ok("User " + user.getName() + " created successfully");
    }
}
OutputSuccess
Important Notes

Always add @Valid before the DTO parameter in controller methods to trigger validation.

Validation errors automatically return HTTP 400 with messages explaining what is wrong.

You can customize error messages using the message attribute in annotations.

Summary

DTO validation checks input data early to keep your app safe and clean.

Use annotations on DTO fields and @Valid in controllers to enable validation.

Spring Boot handles errors and responses for invalid data automatically.

Practice

(1/5)
1. What is the main purpose of using DTO validation in a Spring Boot application?
easy
A. To handle user authentication and login
B. To speed up database queries automatically
C. To generate HTML pages from data
D. To check and ensure input data meets rules before processing

Solution

  1. Step 1: Understand DTO role

    A DTO (Data Transfer Object) carries data between processes and needs validation to ensure data is correct.

  2. Step 2: Purpose of validation

    Validation checks input data early to prevent bad data from reaching business logic or database.

  3. Final Answer:

    To check and ensure input data meets rules before processing -> Option D

  4. Quick Check:

    DTO validation = input data check [OK]
Hint: Validation means checking input data early [OK]
Common Mistakes:
  • Confusing validation with database optimization
  • Thinking validation generates UI
  • Mixing validation with authentication
2. Which annotation is used on a DTO field to require that it must not be empty or null?
easy
A. @Size(min = 1)
B. @NotEmpty
C. @NotNull
D. @Valid

Solution

  1. Step 1: Understand annotations meaning

    @NotNull only checks for null, but allows empty strings. @NotEmpty checks for both null and empty strings.

  2. Step 2: Choose correct annotation

    To ensure a field is neither null nor empty, @NotEmpty is the best choice.

  3. Final Answer:

    @NotEmpty -> Option B

  4. Quick Check:

    @NotEmpty = no null or empty [OK]
Hint: Use @NotEmpty to block null and empty strings [OK]
Common Mistakes:
  • Using @NotNull but allowing empty strings
  • Confusing @Valid with field validation
  • Using @Size without min value
3. Given this DTO class snippet:
public class UserDTO {
  @NotNull
  private String username;

  @Min(18)
  private int age;

  // getters and setters
}

What happens if a request sends username=null and age=16 when validated with @Valid?
medium
A. Validation fails for both username and age fields
B. Validation passes because age is int and can't be null
C. Validation fails only for age field
D. Validation passes because @NotNull is ignored on String

Solution

  1. Step 1: Check username validation

    @NotNull on username means null value is invalid, so username=null fails validation.

  2. Step 2: Check age validation

    @Min(18) means age must be at least 18. Given age=16, this fails validation.

  3. Final Answer:

    Validation fails for both username and age fields -> Option A

  4. Quick Check:

    @NotNull + @Min(18) fail for null and age 16 [OK]
Hint: Check each annotation rule against input values [OK]
Common Mistakes:
  • Assuming int fields can't fail validation
  • Ignoring @NotNull effect on String
  • Thinking validation passes if one field is valid
4. Identify the error in this controller method for validating a DTO:
@PostMapping("/users")
public ResponseEntity<String> addUser(UserDTO user) {
  // save user
  return ResponseEntity.ok("User added");
}
medium
A. Missing @Validated annotation on controller class
B. Method should return void instead of ResponseEntity
C. Missing @RequestBody annotation on UserDTO parameter
D. No error, code is correct

Solution

  1. Step 1: Check parameter annotations

    To validate JSON input as DTO, @RequestBody is needed to bind request body to UserDTO.

  2. Step 2: Check validation annotation

    @Valid is also needed to trigger validation, but missing @RequestBody causes binding failure first.

  3. Final Answer:

    Missing @RequestBody annotation on UserDTO parameter -> Option C

  4. Quick Check:

    @RequestBody needed for JSON binding [OK]
Hint: Use @RequestBody to bind JSON to DTO [OK]
Common Mistakes:
  • Forgetting @RequestBody causes no binding
  • Thinking @Valid alone binds JSON
  • Assuming return type must be void
5. You want to validate a DTO with a nested object, where the nested object also needs validation. Which is the correct way to enable validation on the nested DTO field?
hard
A. Add @Valid annotation on the nested DTO field inside the parent DTO
B. Add @NotNull on the nested DTO field only
C. Add @Valid on the parent DTO class only
D. No annotation needed, nested DTOs are validated automatically

Solution

  1. Step 1: Understand nested validation

    Spring Boot requires @Valid on nested DTO fields to trigger validation of inner objects.

  2. Step 2: Why @Valid on nested field

    @NotNull only checks presence, but @Valid triggers validation of nested object's fields.

  3. Final Answer:

    Add @Valid annotation on the nested DTO field inside the parent DTO -> Option A

  4. Quick Check:

    @Valid on nested field triggers inner validation [OK]
Hint: Use @Valid on nested DTO fields for full validation [OK]
Common Mistakes:
  • Using only @NotNull on nested DTO
  • Assuming parent @Valid covers nested fields
  • Skipping @Valid and expecting automatic nested validation