[1/3] syncope git commit: [SYNCOPE-928] check existing password before store the new one

Thu, 01 Sep 2016 07:31:59 -0700 

Repository: syncope
Updated Branches:
  refs/heads/1_1_X 162ff5707 -> a4d492918
  refs/heads/1_2_X a5333a628 -> d3c779f6b
  refs/heads/master 5f7da0cec -> 9a7332af5


[SYNCOPE-928] check existing password before store the new one


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/9a7332af
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/9a7332af
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/9a7332af

Branch: refs/heads/master
Commit: 9a7332af592d596149ae86570b31e4d0add52ab9
Parents: 5f7da0c
Author: fmartelli <fabio.marte...@gmail.com>
Authored: Thu Sep 1 16:01:29 2016 +0200
Committer: fmartelli <fabio.marte...@gmail.com>
Committed: Thu Sep 1 16:01:29 2016 +0200

----------------------------------------------------------------------
 .../org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java   | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/9a7332af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
----------------------------------------------------------------------
diff --git 
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
 
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
index b3a4497..039c279 100644
--- 
a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
+++ 
b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAUserDAO.java
@@ -319,7 +319,8 @@ public class JPAUserDAO extends AbstractAnyDAO<User> 
implements UserDAO {
             }
 
             // update user's password history with encrypted password
-            if (maxPPSpecHistory > 0 && user.getPassword() != null) {
+            if (maxPPSpecHistory > 0 && user.getPassword() != null
+                    && 
!user.getPasswordHistory().contains(user.getPassword())) {
                 user.getPasswordHistory().add(user.getPassword());
             }
             // keep only the last maxPPSpecHistory items in user's password 
history

Reply via email to