You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2017/12/01 00:59:50 UTC
svn commit: r1816785 - in
/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed:
security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
serializer/JetspeedSecuritySerializer.java
Author: taylor
Date: Fri Dec 1 00:59:49 2017
New Revision: 1816785
URL: http://svn.apache.org/viewvc?rev=1816785&view=rev
Log:
JS2-1358: password validator order broken when new password credentials. When migrating security credentials, handle updating of password
Modified:
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java?rev=1816785&r1=1816784&r2=1816785&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/UserPasswordCredentialPolicyManagerImpl.java Fri Dec 1 00:59:49 2017
@@ -156,6 +156,16 @@ public class UserPasswordCredentialPolic
String newPassword = null;
if (credential.getNewPassword() != null)
{
+ if (validator != null)
+ {
+ if (!authenticated)
+ {
+ // Note: authenticated is also forced set to true during synchronization like from Ldap
+ // this might means the initial password isn't valid, but needs to be accepted anyway
+ // but will be forced to be changed after first login.
+ validator.validate(credential.getNewPassword());
+ }
+ }
if (credential.getOldPassword() != null && !authenticated)
{
String validatingOldPassword = credential.getOldPassword();
@@ -176,16 +186,6 @@ public class UserPasswordCredentialPolic
}
authenticated = true;
}
- if (validator != null)
- {
- if (!authenticated)
- {
- // Note: authenticated is also forced set to true during synchronization like from Ldap
- // this might means the initial password isn't valid, but needs to be accepted anyway
- // but will be forced to be changed after first login.
- validator.validate(credential.getNewPassword());
- }
- }
newPassword = credential.getNewPassword();
if (encoder != null)
{
Modified: portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java?rev=1816785&r1=1816784&r2=1816785&view=diff
==============================================================================
--- portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java (original)
+++ portals/jetspeed-2/portal/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/serializer/JetspeedSecuritySerializer.java Fri Dec 1 00:59:49 2017
@@ -423,6 +423,21 @@ public class JetspeedSecuritySerializer
}
log.debug("add User done ");
}
+ // DST: 2017-04-28
+ else { // existing user needs password updated
+ if (doPwData) {
+ String pwdString = (jsuser.getPwDataValue("password"));
+ char [] pwdChars = (pwdString != null ? pwdString.toCharArray() : null);
+ String password = recreatePassword(pwdChars);
+ if (password != null && password.length() > 0)
+ {
+ PasswordCredential pwc = userManager.getPasswordCredential(user);
+ pwc.setPassword(password, (passwordEncoding == JetspeedSerializer.PASSTHRU_REQUIRED));
+ log.debug("updating password for User " + jsuser.getName());
+ userManager.storePasswordCredential(pwc);
+ }
+ }
+ }
if (doPwData)
{
try
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org