Expand Authors Top

If you have a few years of experience in the Java ecosystem and you’d like to share that with the community, have a look at our Contribution Guidelines.

Expanded Audience – Frontegg – Security (partner)
announcement - icon User management is very complex, when implemented properly. No surprise here.

Not having to roll all of that out manually, but instead integrating a mature, fully-fledged solution - yeah, that makes a lot of sense.
That's basically what Frontegg is - User Management for your application. It's focused on making your app scalable, secure and enjoyable for your users.
From signup to authentication, it supports simple scenarios all the way to complex and custom application logic.

Have a look:

>> Elegant User Management, Tailor-made for B2B SaaS

Java Top

Get started with Spring 5 and Spring Boot 2, through the Learn Spring course:


1. Overview

URL stands for Uniform Resource Locator, and it's an address to a unique resource on the web.

In this tutorial, we'll discuss the validation of URLs using Java. In modern web development, it's very common to read, write, or access a URL through an application. Hence, a successful validation ensures a valid and compliant URL.

There are different libraries that are used to validate a URL. We'll discuss two classes – java.net.Url from the JDK and org.apache.commons.validator.routines.UrlValidator from the Apache Commons library.

2. Validate URL Using JDK

Let's see how we can validate a URL using the class java.net.URL:

boolean isValidURL(String url) throws MalformedURLException, URISyntaxException {
    try {
        new URL(url).toURI();
        return true;
    } catch (MalformedURLException e) {
        return false;
    } catch (URISyntaxException e) {
        return false;

In the above method, new URL(url).toURI();  tries to create an URI using the String parameter. If the String passed doesn't qualify for the URL syntax, the library throws an Exception.

The built-in URL class throws a MalformedURLException when it finds a malformed syntax in the input String object. When the format of the String isn't compliant, the built-in class throws a URISyntaxException.

Now, let's verify that our method works with a small test:

assertFalse(isValidURL("https://www.baeldung.com/ java-%%$^&& iuyi"));

We must understand the difference between URL and URI. The toURI() method is important here as it ensures that any URL string that complies with RC 2396 is converted to URL. However, if we use new URL(String value), it won't ensure that the URL created is fully compliant. 

Let's see with an example that if we use only new URL(String url), many non-compliant URLs will pass the validation:

boolean isValidUrl(String url) throws MalformedURLException {
    try {
        // it will check only for scheme and not null input 
        new URL(url);
        return true;
    } catch (MalformedURLException e) {
        return false;

Let's see how the above method works for validating different URLs with some tests:

assertTrue(isValidUrl("https://www.baeldung.com/ java-%%$^&& iuyi")); 

In the above method, new URL(url) only checks for the valid protocol and null string as input.  Hence, if the protocol is correct, it will return a URL object even if it isn't compliant with RC 2396.

Hence, we must use new URL(url).toURI() to ensure that the URL is valid and compliant.

3. Validate URL Using Apache Commons

We need to import the commons-validator dependency into our pom.xml file:


Let's use the UrlValidator class from this library to validate:

boolean isValidURL(String url) throws MalformedURLException {
    UrlValidator validator = new UrlValidator();
    return validator.isValid(url);

In the above method, we create a URLValidator and then use the isValid() method to check for the URL validity of the String argument.

Let's check how the above method behaves for different inputs:

assertFalse(isValidURL("https://www.baeldung.com/ java-%%$^&& iuyi"));

URLValidator allows us to finetune the conditions to validate a URL string. For instance, if we use the overloaded constructor UrlValidator(String[] schemes), it validates the URL only for the provided list of schemes (http, https, ftp, etc.).

Similarly, there are some other flags – ALLOW_2_SLASHES, NO_FRAGMENT, and ALLOW_ALL_SCHEMES that can be set as per the requirement. We can find the details for all the options provided by the library in the official documentation.

4. Conclusion

In this article, we learned two different ways to validate a URL. We also discussed the difference between URL(String url) and URL.toURI().

If we've to validate only the protocol and non-null string, then we can use the URL(String url) constructor. However, when we've to validate and pass the compliance check, we need to use URL(url).to URI().

Additionally, if we add the Apache Commons dependency, we can use the URLValidator class to perform the validation, and there are additional options available in the class to finetune the validation rules.

As always, the source code for the examples in this article is available over on GitHub.

Java bottom

Get started with Spring 5 and Spring Boot 2, through the Learn Spring course:

Generic footer banner
Comments are closed on this article!