@RequestMapping(value = "/staffchangepasswordsubmit", method = RequestMethod.POST) public ModelAndView changePasswordSubmit( @ModelAttribute("form") ChangePasswordForm form, BindingResult result) { log.debug("Entering ...."); ModelAndView modelAndView = new ModelAndView("staffchangepassword"); validateChangePassword(form, result); if (!result.hasErrors()) { if (form.getNewPassword().equals(form.getNewPasswordRep())) { User user = loginService.getUserByProfileId(form.getTenantId(), form.getStaffProfileId()); if (user != null && form.getCurrentPassword().equals(user.getPassword())) { user.setPassword(form.getNewPassword()); loginService.updateUser(user); modelAndView.addObject("successMessage", "Password changed successfully !!!"); } else { result.addError(new ObjectError("currentPassword", "Current password is wrong")); } } else { result.addError(new ObjectError("newPassword", "New password doesn't match")); } } modelAndView.addObject("form", form); log.debug("Existing.........."); return modelAndView; }