Paul,
> 1. Changing the password. A method User.changePassword(String oldPassword,
> String newPassword, String confirmPassword) would take those form values and
> do the obvious: change the password if oldPassword hashes correctly and
> newPassword == confirmPassword.
>
> 2. Validate the plaintext password (say, is it long enough). This could be
> done in setPlaintextPassword().
That's wrong. If the user wants to use short (or weak) password, the
application should allow him to do that -- after issuing a warning.
Given that, I can't see any better solution here than an independent validator
method used at the GUI level, not integrated to saveChanges; essentially
something remotely similar to
===
String password // bound to the secure text field for pwd (skipped
the check field etc. for legibility)
boolean showWarning=false // bound to "your pwd is short, weak, whatever"
warning in GUI (in practice would be a string with reason)
WOComponent setPassword {
if (MyPassword.passwordIsTooWeak(password) && !showWarning) {
showWarning=true
return null
}
currentEC.saveChanges()
}
===
> So I'm stumped. Does this sound possible, or should I give up and continue
> to handle this kind of thing outside the regular validation system?
Absolutely. Even if it was possible and easy, it would still be wrong.
All the best,
OC
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/webobjects-dev/archive%40mail-archive.com
This email sent to [email protected]
