"Quinton McCombs" <[EMAIL PROTECTED]> writes:
>I ran across this because of a simple problem. My application allows
>admin users to update information about the user. It also allows a user
>to do simple things like change their password.
>I noticed that although the the new password was written to the
>database, the changes were overwritten when the user logged out. It
>turns out that this is not a newly discovered problems either. There is
>already a proposal
You must change your current user object! This is a well discussed
problem.
We use
TurbineSecurity.forcePassword(user, pw1);
TurbineSecurity.saveUser(user);
in a nutshell. Yes, it sucks. But it is all we have ATM.
Regards
Henning
--
Dipl.-Inf. (Univ.) Henning P. Schmiedehausen -- Geschaeftsfuehrer
INTERMETA - Gesellschaft fuer Mehrwertdienste mbH [EMAIL PROTECTED]
Am Schwabachgrund 22 Fon.: 09131 / 50654-0 [EMAIL PROTECTED]
D-91054 Buckenhof Fax.: 09131 / 50654-20
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
