Menu
I have a spring MVC 3.0 application with spring security implemented. I am creating a small pop-up to change the password of the current loging in user. All is well until I post the form to the following action.
@RequestMapping(value = "principalchangepassword" , method = RequestMethod.POST)
public @ResponseBody String principalchangepassword(Model uiModel, HttpServletRequest httpServletRequest){
Principal principal = (Principal) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
StandardStringDigester digester = new StandardStringDigester();
digester.setAlgorithm("SHA-256"); // optionally set the algorithm
digester.setStringOutputType("hexadecimal");
digester.setSaltSizeBytes(0);
digester.setIterations(1);
String digest = digester.digest(httpServletRequest.getParameter("password1"));
principal.setPassword(digest.toLowerCase());
principal.merge();
return "Password Updated successfully";
}
When I do an ajax call to update the password of the current principal, I get the following exception message.
org.hibernate.TransientObjectException: object references an unsaved transient instance – save the transient instance before flushing
What am I doing wrong ?
324
I am using spring security using BCryptPasswordEncoder. Now for change password i do is to compare Existing Password provided by user with DB value.
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String existingPassword = ... // Password entered by user
String dbPassword = ... // Load hashed DB password
if (passwordEncoder.matches(existingPassword, dbPassword)) {
// Encode new password and store it
} else {
// Report error
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
