Untitled

class User {
  // Added by the spring security core plugin
  String password
  // Added by me
  String passwordConfirm

  static constraints = {
    passwordConfirm blank:false, validator: { val, obj ->
       if (!obj.password.equals(obj.passwordConfirm)) {
           return "user.password.confirmation.error"
       }
    }
  }

  // other methods...
}

org.hibernate.AssertionFailure: null id in com.test.User entry (don't flush the Session after an exception occurs)

    at com.shopify.RegistrationController$_closure2.doCall(RegistrationController.groovy:14)

    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

    at java.lang.Thread.run(Thread.java:680)

def register = {
    def user = new User(params)
    if (!user.save(flush:true, failOnError:true)) {
        render view: 'register', model: [userInstance: user]
    } else {
        render view: 'success'
    }
}

def beforeInsert() {
    // encodePassword()
}

def beforeUpdate() {
    // if (isDirty('password')) {
    //  encodePassword()
    // }
}

def password = 1234
def passwordConfirm = 1234
password == passwordConfirm  validation passes

def password gets hashed:
def password = 1JO@J$O!@J$P!O@$JP!@O$J!@O$J!@
def passwordConfirm = 1234
password != passwordConfirm validation fails

def password = 1234
def passwordConfirm = 1234
password == passwordConfirm  validation passes but now you have your password in plain texts inside your DB, you should never do this for security reasons.