This is an automated email from the ASF dual-hosted git repository. rombert pushed a commit to annotated tag org.apache.sling.jcr.jackrabbit.usermanager-2.2.4 in repository https://gitbox.apache.org/repos/asf/sling-org-apache-sling-jcr-jackrabbit-usermanager.git
commit a5d74c90783dada4bde93c779fef21049a43b03a Author: Chetan Mehrotra <[email protected]> AuthorDate: Tue Jan 6 10:17:17 2015 +0000 SLING-3230 - UpdateUserTest integration test fails with Oak Avoid using reflection instead change the password using newer api git-svn-id: https://svn.apache.org/repos/asf/sling/trunk/bundles/jcr/jackrabbit-usermanager@1649766 13f79535-47bb-0310-9956-ffa450edef68 --- pom.xml | 4 +-- .../impl/post/ChangeUserPasswordServlet.java | 42 ++++------------------ 2 files changed, 8 insertions(+), 38 deletions(-) diff --git a/pom.xml b/pom.xml index d2e144a..2203b22 100644 --- a/pom.xml +++ b/pom.xml @@ -110,7 +110,7 @@ <dependency> <groupId>org.apache.jackrabbit</groupId> <artifactId>jackrabbit-api</artifactId> - <version>2.2.0</version> + <version>2.3.0</version> <scope>provided</scope> </dependency> <dependency> @@ -160,4 +160,4 @@ </dependency> </dependencies> -</project> \ No newline at end of file +</project> diff --git a/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/post/ChangeUserPasswordServlet.java b/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/post/ChangeUserPasswordServlet.java index 7ca41a0..eb1181f 100644 --- a/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/post/ChangeUserPasswordServlet.java +++ b/src/main/java/org/apache/sling/jackrabbit/usermanager/impl/post/ChangeUserPasswordServlet.java @@ -242,13 +242,13 @@ public class ChangeUserPasswordServlet extends AbstractUserPostServlet implement "New Password does not match the confirmation password"); } - if (oldPassword != null && oldPassword.length() > 0) { - // verify old password - checkPassword(authorizable, oldPassword); - } - try { - user.changePassword(newPassword); + if (oldPassword != null && oldPassword.length() > 0) { + // verify old password + user.changePassword(newPassword, oldPassword); + } else { + user.changePassword(newPassword); + } final String passwordPath = AuthorizableResourceProvider.SYSTEM_USER_MANAGER_USER_PREFIX + user.getID() + "/rep:password"; @@ -259,34 +259,4 @@ public class ChangeUserPasswordServlet extends AbstractUserPostServlet implement return user; } - - - private void checkPassword(Authorizable authorizable, String oldPassword) - throws RepositoryException { - Credentials oldCreds = ((User) authorizable).getCredentials(); - if (oldCreds instanceof SimpleCredentials) { - char[] oldCredsPwd = ((SimpleCredentials) oldCreds).getPassword(); - if (oldPassword.equals(String.valueOf(oldCredsPwd))) { - return; - } - } else { - try { - // CryptSimpleCredentials.matches(SimpleCredentials credentials) - Class<?> oldCredsClass = oldCreds.getClass(); - Method matcher = oldCredsClass.getMethod("matches", - SimpleCredentials.class); - SimpleCredentials newCreds = new SimpleCredentials( - authorizable.getPrincipal().getName(), - oldPassword.toCharArray()); - boolean match = (Boolean) matcher.invoke(oldCreds, newCreds); - if (match) { - return; - } - } catch (Throwable t) { - // failure here, fall back to password check failure below - } - } - - throw new RepositoryException("Old Password does not match"); - } } -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
