checking that passwords match

[mmakunas]

This should be simple but I'm having a few issues...

I have a web registration form and I need the user to type in his/her password twice (like all sites do).

It's trivial to check that two fields in the command object match but the problem is I don't wasn't the second password field in my object. The backing object for all of my forms are my business objects. In other words, for this case I have a user object with a password property and I don't want to add a repeatedPassword property.

Am I going about this all wrong? Should all forms have some sort of parallel backing object that maps (almost) to a business object?

Thanks for the help and my apologies if this is all due to jet lag....

[Lingesh]

This should be simple but I'm having a few issues...

I have a web registration form and I need the user to type in his/her password twice (like all sites do).

It's trivial to check that two fields in the command object match but the problem is I don't wasn't the second password field in my object. The backing object for all of my forms are my business objects. In other words, for this case I have a user object with a password property and I don't want to add a repeatedPassword property.

Am I going about this all wrong? Should all forms have some sort of parallel backing object that maps (almost) to a business object?

Thanks for the help and my apologies if this is all due to jet lag....

Hi,

I too am using two fields for this condition and I believe that is the right way.

Lingesh

[ojs]

I see two possibilities to solve this problem -

a) Implement a seperate command object with the two password fields and map this manually to and from your business object, as you said

b) override the onBindAndValidate() method in your controller (that should have SimpleFormController extended) and access the password fields via the HttpServletRequest object - example:

Code:

@Override
protected void onBindAndValidate(final HttpServletRequest request, final Object command, final BindException errors)
throws Exception
{
    final YourCommandClass myCommand = (YourCommandClass)command;

    final String passwordA = RequestUtils.getStringParameter(request, "passworda", "");
    final String passwordB = RequestUtils.getStringParameter(request, "passwordb", "");

    if (!passwordA.equals(passwordB))
    {
        errors.rejectValue("passwordA", null, "Passwords doesn't match");
    }
    else
    {
        myCommand.setPassword(passwordA);
    }
}

HTH
Oliver

[dhewitt]

The specific way we handle this is to have a form object that has three properties:
user
newPassword
confirmNewPassword

Where 'user' is the actual domain object. That way you don't have to have a form object that just copies the domain object and you don't have to pollute your domain object with extra fields.

I certainly wouldn't say that having a separate form object in all cases for the sake of it is good practice. But in specific circumstances like this it can be useful.

[sethladd]

The specific way we handle this is to have a form object that has three properties:
user
newPassword
confirmNewPassword

I agree with this way. You get the best of both worlds: mapping/binding directly to domain objects, and being able to add workflow/transient properties.

[mmakunas]

I see two possibilities to solve this problem -

a) Implement a seperate command object with the two password fields and map this manually to and from your business object, as you said

b) override the onBindAndValidate() method in your controller (that should have SimpleFormController extended) and access the password fields via the HttpServletRequest object - example:

I've decided to go with b. I like the idea of seperating the normal validation from checking that the passwords match. Which is more of an "are you sure?" check, as opposed to an "is this object in a valid state" check.

Also, at least for this project, I'm erring on the side of putting too much in the controllers. That way if part of the code is a mess, at least it's consistent where the mess is. This is my first spring app this seems somewhat wise.