JSF conversion and validation will run first in the order it is been declared on the component, with required first. If any of it fails, then the remnant of JSF validation and all the bean validation is completely skipped, else all of the bean validation is executed.
Hard to answer. It solely depends on the functional requirements and the purpose of the validator and how closely tied the validation is to the model or the view.
If the validation needs to run everytime the model property is set (so, it's closely tied to the model), then bean validation would be preferred. But if validation needs to run only once, e.g. during registration (so, it's closely tied to a specific view), then JSF validation would be preferred.
For example, if you're checking the email syntax pattern, then bean validation would make more sense, e.g.:
@Pattern(regexp = "([^.@]+)(\\.[^.@]+)*@([^.@]+\\.)+([^.@]+)", message = "Email is not in valid format")
private String email;
If you're checking the email existance against the DB, then a JSF validator would make more sense since you don't want it to unnecessarily be executed on every property set. DB calls are not cheap per se.
Again, this is subjective. See what fits the business requirements the best. Maybe you're required to validate it on every property set, for example.
i need to validate the email in registration and update profile, and i want to validate that the email is valid and doesn't exist in the database, so i think that i have to use both JSF Validator and Bean validation, what do you think ?
Note: why didn't you use @Email from hibernate in above sample, and preferred the regex ?
I prefer to be implementation independent unless not really or easily possible. This way the webapp will still work whenever you deploy to a different container with an other JSR303 implementation than Hibernate. You're of course free to put implementation specific restrictions on your webapp (you're using and targeting Tomcat anyway), but this should properly be documented in the main webapp install/deploy manual for the serveradmins.
i got you, but what do you think about the question in the first comment ?
Sorry, I overlooked that. Well, that are technically two separate validations. As to the responsibility, I'd also go for a JSF validator for the existence and a bean validator for the format. However, it would functionally make more sense if the bean validator is executed first before JSF validator (so, first format and then existence). But you cannot control that. Perhaps you could use <f:validateRegex> instead for the format which is placed before <f:validator> for email existence. Depends on the concrete functional requirements.