Announcement Announcement Module
Collapse
No announcement yet.
checking that passwords match Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • checking that passwords match

    This should be simple but I'm having a few issues...

    I have a web registration form and I need the user to type in his/her password twice (like all sites do).

    It's trivial to check that two fields in the command object match but the problem is I don't wasn't the second password field in my object. The backing object for all of my forms are my business objects. In other words, for this case I have a user object with a password property and I don't want to add a repeatedPassword property.

    Am I going about this all wrong? Should all forms have some sort of parallel backing object that maps (almost) to a business object?

    Thanks for the help and my apologies if this is all due to jet lag....

  • #2
    Originally posted by mmakunas
    This should be simple but I'm having a few issues...

    I have a web registration form and I need the user to type in his/her password twice (like all sites do).

    It's trivial to check that two fields in the command object match but the problem is I don't wasn't the second password field in my object. The backing object for all of my forms are my business objects. In other words, for this case I have a user object with a password property and I don't want to add a repeatedPassword property.

    Am I going about this all wrong? Should all forms have some sort of parallel backing object that maps (almost) to a business object?

    Thanks for the help and my apologies if this is all due to jet lag....
    Hi,

    I too am using two fields for this condition and I believe that is the right way.

    Lingesh

    Comment


    • #3
      I see two possibilities to solve this problem -

      a) Implement a seperate command object with the two password fields and map this manually to and from your business object, as you said

      b) override the onBindAndValidate() method in your controller (that should have SimpleFormController extended) and access the password fields via the HttpServletRequest object - example:

      Code:
      @Override
      protected void onBindAndValidate(final HttpServletRequest request, final Object command, final BindException errors)
      throws Exception
      {
          final YourCommandClass myCommand = (YourCommandClass)command;
      
          final String passwordA = RequestUtils.getStringParameter(request, "passworda", "");
          final String passwordB = RequestUtils.getStringParameter(request, "passwordb", "");
      
          if (!passwordA.equals(passwordB))
          {
              errors.rejectValue("passwordA", null, "Passwords doesn't match");
          }
          else
          {
              myCommand.setPassword(passwordA);
          }
      }

      HTH
      Oliver

      Comment


      • #4
        The specific way we handle this is to have a form object that has three properties:
        user
        newPassword
        confirmNewPassword

        Where 'user' is the actual domain object. That way you don't have to have a form object that just copies the domain object and you don't have to pollute your domain object with extra fields.

        I certainly wouldn't say that having a separate form object in all cases for the sake of it is good practice. But in specific circumstances like this it can be useful.

        Comment


        • #5
          Originally posted by dhewitt
          The specific way we handle this is to have a form object that has three properties:
          user
          newPassword
          confirmNewPassword
          I agree with this way. You get the best of both worlds: mapping/binding directly to domain objects, and being able to add workflow/transient properties.

          Comment


          • #6
            Originally posted by ojs
            I see two possibilities to solve this problem -

            a) Implement a seperate command object with the two password fields and map this manually to and from your business object, as you said

            b) override the onBindAndValidate() method in your controller (that should have SimpleFormController extended) and access the password fields via the HttpServletRequest object - example:
            I've decided to go with b. I like the idea of seperating the normal validation from checking that the passwords match. Which is more of an "are you sure?" check, as opposed to an "is this object in a valid state" check.

            Also, at least for this project, I'm erring on the side of putting too much in the controllers. That way if part of the code is a mess, at least it's consistent where the mess is. This is my first spring app this seems somewhat wise.

            Comment

            Working...
            X