Author: ate
Date: Wed May 11 00:31:25 2011
New Revision: 1101694
URL: http://svn.apache.org/viewvc?rev=1101694&view=rev
Log:
JS2-1251: Only (should) validate new user credential password when not
synchronizing like from Ldap
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
URL:
http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java?rev=1101694&r1=1101693&r2=1101694&view=diff
==============================================================================
---
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
(original)
+++
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
Wed May 11 00:31:25 2011
@@ -173,7 +173,13 @@ public class UserPasswordCredentialPolic
}
if (validator != null)
{
- validator.validate(credential.getNewPassword());
+ if (!authenticated)
+ {
+ // Note: authenticated is also forced set to true
during synchronization like from Ldap
+ // this might means the initial password isn't valid,
but needs to be accepted anyway
+ // but will be forced to be changed after first login.
+ validator.validate(credential.getNewPassword());
+ }
}
newPassword = credential.getNewPassword();
if (encoder != null)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
