I have implemented the fix mentioned in the previous message. There is one small difference...
I ended up saving everything that would be serialized into the OBJECT_DATA column on session unbind. This could pose a *small* problem for anyone using the permData hashtable for storage of extra data. If no one objects to this, I will commit the changes in the next few days. > -----Original Message----- > From: Quinton McCombs > Sent: Friday, January 03, 2003 2:36 PM > To: Turbine Developers List > Subject: Discussion on TTWS30 - Session unbind causes > TURBINE_USER to be updated > > > I ran across this because of a simple problem. My > application allows admin users to update information about > the user. It also allows a user to do simple things like > change their password. > > I noticed that although the the new password was written to > the database, the changes were overwritten when the user > logged out. It turns out that this is not a newly discovered > problems either. There is already a proposal > (http://jakarta.apache.org/turbine/turbine-2/proposals/securit y-service. html) that discusses a solution this very problem. Does anyone see a problem with this? The only issue that I could find was persistent pull tools. They would need to be saved as well. Does anyone even use them?? -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
