@RequestMapping(value = "/update", method = RequestMethod.POST) public String update( String currentPassword, String password, String email, RedirectAttributes redirectAttributes) { if (!isValid(Admin.class, "email", email)) { return ERROR_VIEW; } Admin pAdmin = adminService.getCurrent(); if (StringUtils.isNotEmpty(currentPassword) && StringUtils.isNotEmpty(password)) { if (!isValid(Admin.class, "password", password)) { return ERROR_VIEW; } if (!StringUtils.equals(DigestUtils.md5Hex(currentPassword), pAdmin.getPassword())) { return ERROR_VIEW; } pAdmin.setPassword(DigestUtils.md5Hex(password)); } pAdmin.setEmail(email); adminService.update(pAdmin); addFlashMessage(redirectAttributes, SUCCESS_MESSAGE); return "redirect:edit.jhtml"; }