Login + Signup using session in Grails -

i developing login/signup page using session , passwordcodec utils. when register new user, generates following error...

    cannot invoke method getbytes() on null object. stacktrace follows: message: cannot invoke method getbytes() on null object     line | method ->>   15 | docall    in passwordcodec$__clinit__closure1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  |     10 | docall    in samplelogin.usercontroller$_closure1 |    195 | dofilter  in grails.plugin.cache.web.filter.pagefragmentcachingfilter |     63 | dofilter  in grails.plugin.cache.web.filter.abstractfilter |   1145 | runworker in java.util.concurrent.threadpoolexecutor |    615 | run       in java.util.concurrent.threadpoolexecutor$worker ^    722 | run . . . in java.lang.thread 

below usercontroller code...

    package samplelogin import javax.servlet.http.httpsession  class usercontroller {      def registration = {         // new user posts registration details         if (request.method == 'post') {             // create domain object , assign parameters using data binding             def u = new user(params)             u.passwordhashed = u.password.encodeaspassword()             if (! u.save()) {                 // validation failed, render registration page again                 return [user:u]             } else {                 // validate/save ok, store user in session, redirect homepage                 session.user = u                 redirect(controller:'main')             }         } else if (session.user) {             // don't allow registration while user logged in             redirect(controller:'main')         }     }      def login = {         if (request.method == 'post') {             def passwordhashed = params.password.encodeaspassword()             def u = user.findbyusernameandpasswordhashed(params.username, passwordhashed)             if (u) {                 // username , password match -> log in                 session.user = u                 redirect(controller:'main')             } else {                 flash.message = "user not found"                 redirect(controller:'main')             }         } else if (session.user) {             // don't allow login while user logged in             redirect(controller:'main')         }     }      def logout = {         session.invalidate()         redirect(controller:'main')     } } 

below passwordcodec.groovy util code...

  import java.security.messagedigest import sun.misc.base64encoder import sun.misc.characterencoder  class passwordcodec {     static encode = { str ->         messagedigest md = messagedigest.getinstance('sha')         md.update(str.getbytes('utf-8'))         return (new base64encoder()).encode(md.digest())     } } 

i have created dummy user in bootstrap.groovy init method when try login, "user cannot find" received via view flash message. beneficial.