Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- class User {
- // Added by the spring security core plugin
- String password
- // Added by me
- String passwordConfirm
- static constraints = {
- passwordConfirm blank:false, validator: { val, obj ->
- if (!obj.password.equals(obj.passwordConfirm)) {
- return "user.password.confirmation.error"
- }
- }
- }
- // other methods...
- }
- org.hibernate.AssertionFailure: null id in com.test.User entry (don't flush the Session after an exception occurs)
- at com.shopify.RegistrationController$_closure2.doCall(RegistrationController.groovy:14)
- at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
- at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
- at java.lang.Thread.run(Thread.java:680)
- def register = {
- def user = new User(params)
- if (!user.save(flush:true, failOnError:true)) {
- render view: 'register', model: [userInstance: user]
- } else {
- render view: 'success'
- }
- }
- def beforeInsert() {
- // encodePassword()
- }
- def beforeUpdate() {
- // if (isDirty('password')) {
- // encodePassword()
- // }
- }
- def password = 1234
- def passwordConfirm = 1234
- password == passwordConfirm validation passes
- def password gets hashed:
- def password = 1JO@J$O!@J$P!O@$JP!@O$J!@O$J!@
- def passwordConfirm = 1234
- password != passwordConfirm validation fails
- def password = 1234
- def passwordConfirm = 1234
- password == passwordConfirm validation passes but now you have your password in plain texts inside your DB, you should never do this for security reasons.
Add Comment
Please, Sign In to add comment