You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by je...@jakarta.apache.org on 2004/09/03 23:15:57 UTC
[jira] Created: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Message:
A new issue has been created in JIRA.
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS1-516
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS1-516
Summary: UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Type: Bug
Status: Unassigned
Priority: Major
Project: Jetspeed
Components:
Security
Versions:
1.5
Assignee:
Reporter: Arthur D'Alessandro
Created: Fri, 3 Sep 2004 2:14 PM
Updated: Fri, 3 Sep 2004 2:14 PM
Environment: Database: Postgres
JVM: J2DSK 1.4.02_04
OS: Redhat 9.x/Windows XPSP2
Description:
UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Thus making the edit user capability unusable unless the purpose was to also reset the password.
I've been throwing around something simple, such as:
services.JetspeedSecurity.secure.passwords.allowblank=true|false
UserUpdateAction.doUpdate: Null password is ok, depending on
if secure.passwords=true {
if (password != null) {
forcePassword(user,password)
} else {
if secure.passwords.allowblank {
if (unsetpassword) {
forcePassword(user,"")
}
} else {
// Skip, no changes
}
}
}
Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
[jira] Commented: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Posted by je...@jakarta.apache.org.
The following comment has been added to this issue:
Author: Jaq Marit
Created: Fri, 3 Sep 2004 11:14 PM
Body:
Has this been fixed by the latest CVS? I think this is still a problem with JS1.6-dev.
---------------------------------------------------------------------
View this comment:
http://issues.apache.org/jira/browse/JS1-516?page=comments#action_52820
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS1-516
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS1-516
Summary: UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Type: Bug
Status: Unassigned
Priority: Major
Project: Jetspeed
Components:
Security
Versions:
1.5
Assignee:
Reporter: Arthur D'Alessandro
Created: Fri, 3 Sep 2004 2:14 PM
Updated: Fri, 3 Sep 2004 11:14 PM
Environment: Database: Postgres
JVM: J2DSK 1.4.02_04
OS: Redhat 9.x/Windows XPSP2
Description:
UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Thus making the edit user capability unusable unless the purpose was to also reset the password.
I've been throwing around something simple, such as:
services.JetspeedSecurity.secure.passwords.allowblank=true|false
UserUpdateAction.doUpdate: Null password is ok, depending on
if secure.passwords=true {
if (password != null) {
forcePassword(user,password)
} else {
if secure.passwords.allowblank {
if (unsetpassword) {
forcePassword(user,"")
}
} else {
// Skip, no changes
}
}
}
Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
[jira] Commented: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Posted by je...@jakarta.apache.org.
The following comment has been added to this issue:
Author: Arthur D'Alessandro
Created: Tue, 7 Sep 2004 2:21 PM
Body:
1.6 Patch (cleaner):
Index: org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java
===================================================================
RCS file: /home/cvspublic/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
retrieving revision 1.17
diff -u -r1.17 UserUpdateAction.java
--- org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java 31 Mar 2004 04:49:10 -0000 1.17
+++ org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java 7 Sep 2004 21:08:25 -0000
@@ -392,6 +392,7 @@
throws Exception
{
JetspeedUser user = null;
+ String strOriginalPassword= "";
try
{
//
@@ -399,7 +400,8 @@
//
user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
-
+
+ String strOriginalPassword= user.getPassword();
String name = rundata.getParameters().getString("username");
if (name == null || name.trim().length() == 0)
{
@@ -422,6 +424,7 @@
boolean oldDisabled = user.getDisabled();
rundata.getParameters().setProperties(user);
user.setLastAccessDate();
+ user.setPasswowrd(strOriginalPassword);
JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
Index: org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java
===================================================================
RCS file: /home/cvspublic/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java,v
retrieving revision 1.13
diff -u -r1.13 TurbineUserManagement.java
--- org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java 23 Feb 2004 03:54:49 -0000 1.13
+++ org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java 7 Sep 2004 21:08:26 -0000
@@ -452,7 +452,12 @@
throw new UnknownUserException("The account '" +
user.getUserName() + "' does not exist");
}
- user.setPassword(JetspeedSecurity.encryptPassword(password));
+ if (user.getPassword().equalsIgnoreCase(password)) {
+ user.setPassword(password);
+ } else {
+ user.setPassword(JetspeedSecurity.encryptPassword(password));
+ }
+
// save the changes in the database immediately, to prevent the
// password being 'reverted' to the old value if the user data
// is lost somehow before it is saved at session's expiry.
---------------------------------------------------------------------
View this comment:
http://issues.apache.org/jira/browse/JS1-516?page=comments#action_52940
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS1-516
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS1-516
Summary: UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Type: Bug
Status: Unassigned
Priority: Major
Project: Jetspeed
Components:
Security
Versions:
1.5
Assignee:
Reporter: Arthur D'Alessandro
Created: Fri, 3 Sep 2004 2:14 PM
Updated: Tue, 7 Sep 2004 2:21 PM
Environment: Database: Postgres
JVM: J2DSK 1.4.02_04
OS: Redhat 9.x/Windows XPSP2
Description:
UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Thus making the edit user capability unusable unless the purpose was to also reset the password.
I've been throwing around something simple, such as:
services.JetspeedSecurity.secure.passwords.allowblank=true|false
UserUpdateAction.doUpdate: Null password is ok, depending on
if secure.passwords=true {
if (password != null) {
forcePassword(user,password)
} else {
if secure.passwords.allowblank {
if (unsetpassword) {
forcePassword(user,"")
}
} else {
// Skip, no changes
}
}
}
Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
[jira] Commented: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Posted by je...@jakarta.apache.org.
The following comment has been added to this issue:
Author: Arthur D'Alessandro
Created: Tue, 7 Sep 2004 1:46 PM
Body:
I have been able to resolve the issue by modifying the UserUpdateAction, and the TurbineUserManagement classes.
Patches to 1.5 src posted below, please review, and comment:
Index: TurbineUserManagement.java
===================================================================
RCS file: /cvsroot/Jetspeed-1.5/src/java/org/apache/jetspeed/services/security/turbine/TurbineUserManagement.java,v
retrieving revision 1.1
diff -u -r1.1 TurbineUserManagement.java
--- TurbineUserManagement.java 31 Aug 2004 20:00:59 -0000 1.1
+++ TurbineUserManagement.java 7 Sep 2004 20:34:19 -0000
@@ -15,7 +15,6 @@
*/
package org.apache.jetspeed.services.security.turbine;
-
import java.util.List;
import java.util.Iterator;
import java.util.Date;
@@ -240,6 +239,7 @@
"', User doesn't exist");
}
Criteria criteria = TurbineUserPeer.buildCriteria(user);
+
try
{
TurbineUserPeer.doUpdate(criteria);
@@ -452,7 +452,14 @@
throw new UnknownUserException("The account '" +
user.getUserName() + "' does not exist");
}
- user.setPassword(JetspeedSecurity.encryptPassword(password));
+
+ // Compare the old and new, if they are equal, store as is, otherwise go through encryptPassword
+ if (user.getPassword().equalsIgnoreCase(password)) {
+ user.setPassword(password);
+ } else {
+ user.setPassword(this.encryptPassword(password));
+ }
+
// save the changes in the database immediately, to prevent the
// password being 'reverted' to the old value if the user data
// is lost somehow before it is saved at session's expiry.
Index: UserUpdateAction.java
===================================================================
RCS file: /cvsroot/Jetspeed-1.5/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
retrieving revision 1.1
diff -u -r1.1 UserUpdateAction.java
--- UserUpdateAction.java 31 Aug 2004 20:00:54 -0000 1.1
+++ UserUpdateAction.java 7 Sep 2004 20:44:26 -0000
@@ -392,6 +392,10 @@
throws Exception
{
JetspeedUser user = null;
+
+ // Keep track of the original password before we apply the request parameters
+ String strOriginalPassword= "";
+
try
{
//
@@ -399,78 +403,84 @@
//
user = (JetspeedUser)JetspeedSecurity.getUser(
rundata.getParameters().getString(SecurityConstants.PARAM_ENTITY_ID));
-
- String name = rundata.getParameters().getString("username");
+
+ // Store this for comparison later
+ strOriginalPassword= user.getPassword();
+
+ String name = rundata.getParameters().getString("username");
if (name == null || name.trim().length() == 0)
{
- DynamicURI duri = new DynamicURI (rundata);
- duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
- duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
- if (user != null)
- duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
- duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
- rundata.setRedirectURI(duri.toString());
- // save values that user just entered so they don't have to re-enter
- if (user != null)
- rundata.getUser().setTemp(TEMP_USER, user);
- return;
- }
-
- //
- // pull the values off the form and into the user object
- //
- boolean oldDisabled = user.getDisabled();
- rundata.getParameters().setProperties(user);
- user.setLastAccessDate();
-
- JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
-
- String strDisabled = rundata.getParameters().getString("disabled");
- boolean disabled = (strDisabled != null);
- user.setDisabled(disabled);
-
- if (!disabled && oldDisabled && JetspeedSecurity.isDisableAccountCheckEnabled())
- {
- JetspeedSecurity.resetDisableAccountCheck(name);
- }
-
- //
- // update the user in the database
- //
- JetspeedSecurity.saveUser(user);
-
- JetspeedUser currentUser = (JetspeedUser)rundata.getUser();
- if (currentUser.getUserName().equals(user.getUserName()))
- {
- // same user as admin -- need to update in memory
- currentUser.setPassword(user.getPassword()); // Contains Encrypted password
- currentUser.setFirstName(user.getFirstName());
- currentUser.setLastName(user.getLastName());
- currentUser.setEmail(user.getEmail());
- }
-
+ DynamicURI duri = new DynamicURI (rundata);
+ duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
+ duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_INVALID_ENTITY_NAME);
+ if (user != null)
+ duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
+ duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
+ rundata.setRedirectURI(duri.toString());
+ // save values that user just entered so they don't have to re-enter
+ if (user != null)
+ rundata.getUser().setTemp(TEMP_USER, user);
+ return;
+ }
+
+ //
+ // pull the values off the form and into the user object
+ //
+ boolean oldDisabled = user.getDisabled();
+ rundata.getParameters().setProperties(user);
+ user.setLastAccessDate();
+
+ // Set user object password back to original password before request parameters were applied
+ user.setPassword(strOriginalPassword);
+
+ JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
+
+ String strDisabled = rundata.getParameters().getString("disabled");
+ boolean disabled = (strDisabled != null);
+ user.setDisabled(disabled);
+
+ if (!disabled && oldDisabled && JetspeedSecurity.isDisableAccountCheckEnabled())
+ {
+ JetspeedSecurity.resetDisableAccountCheck(name);
+ }
+
+ //
+ // update the user in the database
+ //
+ JetspeedSecurity.saveUser(user);
+
+ JetspeedUser currentUser = (JetspeedUser)rundata.getUser();
+ if (currentUser.getUserName().equals(user.getUserName()))
+ {
+ // same user as admin -- need to update in memory
+ currentUser.setPassword(user.getPassword()); // Contains Encrypted password
+ currentUser.setFirstName(user.getFirstName());
+ currentUser.setLastName(user.getLastName());
+ currentUser.setEmail(user.getEmail());
+ }
+
}
catch (Exception e)
{
- // log the error msg
- logger.error("Exception", e);
-
- //
- // error on update - display error message
- //
- DynamicURI duri = new DynamicURI (rundata);
- duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
- duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
- if (user != null)
- duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
- duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
- rundata.setRedirectURI(duri.toString());
- // save values that user just entered so they don't have to re-enter
- if (user != null)
- rundata.getUser().setTemp(TEMP_USER, user);
- }
+ // log the error msg
+ logger.error("Exception", e);
+
+ //
+ // error on update - display error message
+ //
+ DynamicURI duri = new DynamicURI (rundata);
+ duri.addPathInfo(SecurityConstants.PANE_NAME, SecurityConstants.PANEID_USER_UPDATE);
+ duri.addPathInfo(SecurityConstants.PARAM_MSGID, SecurityConstants.MID_UPDATE_FAILED);
+ if (user != null)
+ duri.addPathInfo(SecurityConstants.PARAM_ENTITY_ID, user.getUserName());
+ duri.addQueryData(SecurityConstants.PARAM_MODE, SecurityConstants.PARAM_MODE_UPDATE);
+ rundata.setRedirectURI(duri.toString());
+ // save values that user just entered so they don't have to re-enter
+ if (user != null)
+ rundata.getUser().setTemp(TEMP_USER, user);
+ }
- }
+ }
/**
* Database Delete Action for Users. Performs deletes into security database.
---------------------------------------------------------------------
View this comment:
http://issues.apache.org/jira/browse/JS1-516?page=comments#action_52937
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS1-516
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS1-516
Summary: UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Type: Bug
Status: Unassigned
Priority: Major
Project: Jetspeed
Components:
Security
Versions:
1.5
Assignee:
Reporter: Arthur D'Alessandro
Created: Fri, 3 Sep 2004 2:14 PM
Updated: Tue, 7 Sep 2004 1:46 PM
Environment: Database: Postgres
JVM: J2DSK 1.4.02_04
OS: Redhat 9.x/Windows XPSP2
Description:
UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Thus making the edit user capability unusable unless the purpose was to also reset the password.
I've been throwing around something simple, such as:
services.JetspeedSecurity.secure.passwords.allowblank=true|false
UserUpdateAction.doUpdate: Null password is ok, depending on
if secure.passwords=true {
if (password != null) {
forcePassword(user,password)
} else {
if secure.passwords.allowblank {
if (unsetpassword) {
forcePassword(user,"")
}
} else {
// Skip, no changes
}
}
}
Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
[jira] Commented: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Posted by je...@jakarta.apache.org.
The following comment has been added to this issue:
Author: Arthur D'Alessandro
Created: Fri, 1 Oct 2004 9:15 AM
Body:
Has anyone else applied the posted patch. Will this patch make it into JS1.6?
---------------------------------------------------------------------
View this comment:
http://issues.apache.org/jira/browse/JS1-516?page=comments#action_53591
---------------------------------------------------------------------
View the issue:
http://issues.apache.org/jira/browse/JS1-516
Here is an overview of the issue:
---------------------------------------------------------------------
Key: JS1-516
Summary: UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Type: Bug
Status: Unassigned
Priority: Major
Project: Jetspeed
Components:
Security
Versions:
1.5
Assignee:
Reporter: Arthur D'Alessandro
Created: Fri, 3 Sep 2004 2:14 PM
Updated: Fri, 1 Oct 2004 9:15 AM
Environment: Database: Postgres
JVM: J2DSK 1.4.02_04
OS: Redhat 9.x/Windows XPSP2
Description:
UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Thus making the edit user capability unusable unless the purpose was to also reset the password.
I've been throwing around something simple, such as:
services.JetspeedSecurity.secure.passwords.allowblank=true|false
UserUpdateAction.doUpdate: Null password is ok, depending on
if secure.passwords=true {
if (password != null) {
forcePassword(user,password)
} else {
if secure.passwords.allowblank {
if (unsetpassword) {
forcePassword(user,"")
}
} else {
// Skip, no changes
}
}
}
Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
If you want more information on JIRA, or have a bug to report see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org
[jira] Commented: (JS1-516) UserUpdateAction re-encrypts encrypted password when secure.passwords=true
Posted by "Jaq Marit (JIRA)" <je...@portals.apache.org>.
[ http://issues.apache.org/jira/browse/JS1-516?page=comments#action_64039 ]
Jaq Marit commented on JS1-516:
-------------------------------
This has been a bug since 1.5. I believe this is critical as many jetspeed users out there want to encrypt their user's passwords. I hope this will make it into JS1.6 release.
I have applied Arthur's patch, with minor fixes (UserUpdateAction.java). The only thing i find unusual in the patch is the use of the field strOriginalPassword. I wonder if there's a better way to handle this. However it works for me.
The patch has been tested with the latest JS1.6-dev from CVS HEAD as of 29 April 2005, with JDK1.4.2 and 1.5, Tomcat 5.0.28 and 5.5. I've tested the functionality with services.JetspeedSecurity.secure.passwords=true, and also was set back to false, and did not break current functionality. Below is the patch I applied.
UserUpdateAction.java
=====================
394a395
> String strOriginalPassword="";
402a404
> strOriginalPassword = user.getPassword();
424a427
> user.setPassword(strOriginalPassword);
426a430,431
> logger.debug("User password now set to " + user.getPassword());
>
TurbineUserManagement.java
==========================
454a455,462
>
> // Compare the old and new, if they are equal, store as is,
> // otherwise go through encryptPassword
> if(user.getPassword().equalsIgnoreCase(password)) {
> logger.debug("Same, setting new password to: " + password);
> user.setPassword(password);
> } else {
> logger.debug("Change password, setting new password to: " + password);
455a464
> }
> UserUpdateAction re-encrypts encrypted password when secure.passwords=true
> --------------------------------------------------------------------------
>
> Key: JS1-516
> URL: http://issues.apache.org/jira/browse/JS1-516
> Project: Jetspeed
> Type: Bug
> Components: Security
> Versions: 1.5
> Environment: Database: Postgres
> JVM: J2DSK 1.4.02_04
> OS: Redhat 9.x/Windows XPSP2
> Reporter: Arthur D'Alessandro
>
> UserUpdateAction re-encrypts encrypted password when secure.passwords=true
> Thus making the edit user capability unusable unless the purpose was to also reset the password.
> I've been throwing around something simple, such as:
> services.JetspeedSecurity.secure.passwords.allowblank=true|false
> UserUpdateAction.doUpdate: Null password is ok, depending on
> if secure.passwords=true {
> if (password != null) {
> forcePassword(user,password)
> } else {
> if secure.passwords.allowblank {
> if (unsetpassword) {
> forcePassword(user,"")
> }
> } else {
> // Skip, no changes
> }
> }
> }
> Modify user-form.vm, add a checkbox next to password (if secure.passwords.allowblank=true) eg, Unset Password
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org