Authentication has nothing to do with validations.
In my assignment I did lots of validations and I also limited the user input (for example: no chars can be entered in the port number field, only digits). I think you can pass without validating them, because it's not a must requirement. But how will your application react if I enter 'abcd' as port number. I don't think your application crashing (and showing a NumberFormatException) will result in a nice score.
Thanks Roel for the reply. Yeah being new to software development world I was a bit confused about authentication and validations. I am doing the following validations:
1. Port number - allowing user to enter only digits upto maximum of 5 and then checking if the number entered is between 0-65535.
2. Database location - If a file exists in the location specified by user and can be read and written to. I decided not do any validations on the magic cookie.
3. IP address - if it is in the correct format ie, A valid ip-address must be in the form of xxx.xxx.xxx.xxx, where xxx is a number from 0-255.
I have decided to stick to ip-address as I found it difficult to validate the host name, hope thats acceptable.
4. customer id - A user can enter only positive numbers in the customer Id field and that must be 8 digits for it to be accepted as a valid customer id.