@RequestMapping(method = RequestMethod.POST)
  public String processEdit(
      @ModelAttribute User user,
      BindingResult result,
      SessionStatus status,
      HttpServletRequest request) {
    new UserValidator(roleService).validate(user, result);
    if (result.hasErrors()) {
      return "config/users/password";
    } else {

      if (user.getUnencryptedPassword() == null
          || user.getUnencryptedPassword().trim().equals("")) {
        result.rejectValue("password", null, "You must enter a new password.");
        return "config/users/password";
      }

      String currentUserName = SecurityContextHolder.getContext().getAuthentication().getName();

      User databaseUser = userService.loadUser(user.getName());
      if (databaseUser != null && !databaseUser.getId().equals(user.getId())) {
        // TODO check this out
        result.rejectValue(
            "currentPassword", "The user has changed since starting this procedure.");
        return "config/users/password";
      }

      if (userService.isCorrectPassword(databaseUser, user.getCurrentPassword())) {
        user.setHasChangedInitialPassword(true);
        user.setLastPasswordChangedDate(new Date());
        Object currentUserObject =
            SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        if (currentUserObject instanceof ThreadFixUserDetails) {
          ThreadFixUserDetails details = (ThreadFixUserDetails) currentUserObject;
          details.setHasChangedInitialPassword(true);
        }
        userService.storeUser(user);
        status.setComplete();
        log.info("The User " + currentUserName + " has completed the password change.");
        ControllerUtils.addSuccessMessage(request, "The password change was successful.");
        return "redirect:/configuration/users/password";

      } else {
        log.info("An incorrect password was submitted during a password change attempt.");
        result.rejectValue("currentPassword", null, "That was not the correct password.");
        return "config/users/password";
      }
    }
  }