Announcement: You can find the guides for Commerce 7.5 and later on the new Elastic Path Documentation site. This Developer Center contains the guides for Commerce 6.13.0 through 7.4.1.Visit new site

This version of Elastic Path Commerce is no longer supported or maintained. To upgrade to the latest version, contact your Elastic Path representative.

Overriding Existing Constraints with XML

Overriding Existing Constraints with XML

Bean Validation allows you to apply constraints though XML files. This lets you override or extend validation constraints on Elastic Path domain objects, methods, and properties without having to replace or modify your code.

To use XML constraints, you must create these files in your extension project's src/main/resources directory:

Files Definition
constraints.xml Describes your validation constraints. You can have as many constraints.xml files on your classpath as required.
META-INF/validation.xml Specifies your constraints.xml file's location. Each extension project can have only one validation.xml file, which is located in the META-INF directory.

Adding an XML Constraint

This tutorial teaches you how to add existing validation constraints through XML files.


You want to add the following password constraints:

  • Include an uppercase letter
  • Include a lowercase letter
  • Include a number

To add these additional constraints, you can use the regular expression (?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).*

You have a custom validation constraint, named @RegisteredCustomerPasswordWithRegex, that matches passwords with regular expressions. To add @RegisteredCustomerPasswordWithRegex without modifying the out-of-the-box code, you can use XML.


To add @RegisteredCustomerPasswordWithRegex as a customer password constraint:

  • Add the following XML code in a blank constraints.xml file:
    <?xml version='1.0' encoding='UTF-8'?>
    <constraint-mappings xmlns:xsi=""
        <bean class="com.elasticpath.domain.customer.Customer" ignore-annotations="false">
                <constraint annotation="com.example.validation.constraints.RegisteredCustomerPasswordWithRegex" >
                    <!-- contains at least one digit, one lower case, and one upper case character -->
                    <element name="regex">(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).*</element>

Five key points for how the above code works:

  • The bean class specifies the class whose validation you are modifying, which in this case is customer.
  • By setting ignore-annotations to false, Bean Validation validates using both annotations and XML constraints. By setting ignore-annotations to true, Bean validation ignores annotations and applies only XML constraints.
  • Constraints applied at the class level are defined in the <class> tag.
  • The @RegisteredCustomerPasswordWithRegex constraint is applied by the <constraint annotation> tag.
  • The regular expression (?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).*, which applies the additional restrictions on passwords, is passed into the annotation by using the <element name> tag.

Standard JSR-303 constraints are defined in the javax.validation.constraints package.

In validation.xml:

To add the constraints.xml to your classpath:

  • Add the <constraint-mapping> tag in the <validation> element as shown below:
    <?xml version='1.0' encoding='UTF-8'?>
    <validation-config xmlns="" xmlns:xsi="" xsi:schemaLocation="">