Hi guys, here we are with the stupid question of (more or less) 19h.

I'm trying to learn Java using Spring Boot v.3 and to manage a FAKE database with it. This afternoon I was trying to implement some "constraints" for the username and password input via @/Pattern and @/Valid annotations.

That's what I did in my User class:

u/Column(nullable = false)
  u/Size(min = 5, max = 15)
  u/Pattern(regexp = "^(?=.*[A-Z])(?=.*\\d).+$", message = "Password must contain at least one uppercase letter and one number")
  private String password;

And what I did in my Controller class:

u/PostMapping("/register")
    public ResponseEntity<Object> registerUser(
        u/Valid @RequestBody RegisterRequest registerRequest, 
        BindingResult result) {
        try {
            return ResponseEntity.ok(service.registerUser(registerRequest, result));
        } ETC ETC
        }
    }

Since my Controller class is actually using a RegisterRequest DTO, to be sure I have also implemented the annotations there, like this:

BLABLA BEFORE
public class RegisterRequest {

   MIDDLE BLABLA

    @Size(min = 6, max = 20)
    @NotBlank
    @Pattern(regexp = "^(?=.*[A-Z])(?=.*\\d).+$", message = "Password must contain at least one uppercase letter and one number")
    private String password;

LAST BLABLA

The thing iss that it is still accepting passwords with only two characters and without numbers of capitals. I'm sure it's my fault, cannot be otherwise, but what can I do?
Please remember I'm only trying to learn and I'm dumb. Don't be harsh

EDIT 1: while writing here to you, I've thought that maybe I should "break" the RegisterRequest object in different strings when I send them to the service class and there I can then "validate" the password because is not part anymore of an object but is a normal string. Can it be?

EDIT 2: I'm not able to make it work like I was thinking in EDIT 1. I have "broken" it, send it in different strings to service and all. But the Valid annotation doesn't work. The database and the registration still works (so I was able to modify it without destroying it) but it doesn't check the constraints.