mgroves

One of the deceptively trickiest parts of any web application, MVC included, is validation. Here are my major concerns with validation:

• Usability. Validation is for users, after all. Validation messages should be clear, and the user should know exactly what they need to do when getting validation errors. Of course, if the form itself has poor usability, chances are the validation will too, so the user experience starts there.
• To client-side or not to client-side?. That is the question. The benefits to client-side validation include a more responsive UI and less POSTs to the server. The downside is that you often need to repeat yourself, but ASP.NET MVC 2 is building up a very cohesive validation story that includes client-side validation with almost no extra code. Check out Scott Guthrie's latest post on MVC 2 validation. Additionally, I believe that the validation experience should be consistent: users with JavaScript off should have the same experience with JavaScript on (except with more POSTs, of course). Additionally, I think that all errors should show up at a consistent time. If you're using client-side validation, all form fields should have client-side validation, including the ones that require a server/database call (i.e. with AJAX). If you don't want to do that, then consider using server-side only validation instead.
• ViewModel validation. If you are using MVVM, then validation becomes tricky. Often a viewmodel will simple have a copy of an entity in it, which means the DataAnnotation-style validation in MVC 2 will pass right through and work great. However, a viewmodel will sometimes have a subset or some sort of flattening of the entity, which means you'll again have to repeat yourself. Scott Guthrie's comments: in general "it depends". From a DRY perspective it would be ideal if you could put the validation on the model and have your viewmodels reflect/respect that automatically. Having said that, sometimes the shape of ViewModels look differently than Models - in which case having validation automatically transfer between models/viewmodels might be different (for example: if you flatten fields or expose them differently). We'll try and get more guidance out there that show off how to handle different scenarios.
• Don't Repeat Yourself. Didn't I already say this? This time I mean that if you want to check for a specific formatting, say with a RegEx, that RegEx should only appear in the validation system once. So if you are validating URLs with a RegEx, you should make a custom attribute that calls a method IsValidURL, and the RegEx should be in that method.

I've used the WebForms validators before, and they generally make development easier, but so far the MVC 2 validation model is looking more robust, and has extensibility points to use 3rd party validation tools like xVal and Castle.