DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7142>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7142 password encrytion in UpdateAccount.java Summary: password encrytion in UpdateAccount.java Product: Jetspeed Version: 1.3a1 Platform: All OS/Version: Other Status: NEW Severity: Critical Priority: Other Component: Login AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Using the EditAccount.vm one can edit the details of a user.We are not looking for the users old password either and moreover.In my TR.P i set services.SecurityService.secure.passwords=true Inspite of doing so when i change a users password through EditAccount.vm the password in my database is not encrypted.I saw the UpdateAccount.java file where we set the user password without checking the property mentioned in TR.P -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
