paulsp 02/03/19 22:55:48
Modified: src/java/org/apache/jetspeed/modules/actions
CreateNewUserAndConfirm.java
JetspeedSessionValidator.java UpdateAccount.java
src/java/org/apache/jetspeed/modules/actions/portlets/security
UserUpdateAction.java
src/java/org/apache/jetspeed/modules/localization
JetspeedLocalization_en.properties
src/java/org/apache/jetspeed/services/security
JetspeedDBSecurityService.java
webapp/WEB-INF/templates/vm GlobalMacros.vm
webapp/WEB-INF/templates/vm/portlets/html user-form.vm
webapp/WEB-INF/templates/vm/screens/html EditAccount.vm
xdocs changes.xml
docs/site changes.html
Log:
o Fix - Bug 7142 - When password are saved encryped when encryption is enabled
o Fix - Bug 7142 - Users must enter their current password to change their password
o Fix - Password are correctly cased, based on JR.p JetspeedSecurity.caseinsensitive
properites
o Fix - Username is no longer updatable in UserBrowser Edit and Delete screens
o Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate. Mainly
everywhere other then JetspeedDBSecurityService
o Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form
PR: 7142
Revision Changes Path
1.29 +2 -4
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/CreateNewUserAndConfirm.java
Index: CreateNewUserAndConfirm.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/CreateNewUserAndConfirm.java,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- CreateNewUserAndConfirm.java 23 Feb 2002 23:10:15 -0000 1.28
+++ CreateNewUserAndConfirm.java 20 Mar 2002 06:55:47 -0000 1.29
@@ -85,7 +85,6 @@
// security
import org.apache.jetspeed.services.JetspeedSecurity;
-import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.turbine.util.security.AccessControlList;
/**
@@ -122,6 +121,7 @@
String pass1 = data.getParameters().getString("password", "");
String pass2 = data.getParameters().getString("password_confirm", "");
+
// make sure the passwords are not empty
if ( (pass1.length() == 0 || pass2.length() == 0 )
|| ! pass1.equals ( pass2 ) )
@@ -164,7 +164,6 @@
User user = JetspeedSecurity.getUserInstance();
user.setUserName( username );
- user.setPassword ( pass1 );
user.setCreateDate(now);
user.setLastLogin(new Date(0));
user.setFirstName( data.getParameters().getString("firstname") );
@@ -200,7 +199,7 @@
data.setMessage(Localization.getString("CREATENEWUSERANDCONFIRM_CREATE"));
if (enableMail || newUserNotification || newUserApproval)
{
- data.setUser(TurbineSecurity.getAnonymousUser());
+ data.setUser(JetspeedSecurity.getAnonymousUser());
data.getParameters().add("username", username);
data.getParameters().add("password", pass1);
if ( ! newUserApproval )
@@ -308,6 +307,5 @@
data.setScreenTemplate("Error");
}
}
-
}
1.15 +6 -5
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java
Index: JetspeedSessionValidator.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- JetspeedSessionValidator.java 19 Feb 2002 14:02:08 -0000 1.14
+++ JetspeedSessionValidator.java 20 Mar 2002 06:55:48 -0000 1.15
@@ -60,13 +60,14 @@
import org.apache.turbine.util.RunData;
import org.apache.turbine.util.Log;
import org.apache.turbine.util.security.UnknownEntityException;
-import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.turbine.om.security.User;
import org.apache.turbine.modules.actions.sessionvalidator.TemplateSessionValidator;
import org.apache.turbine.services.resources.TurbineResources;
-import org.apache.jetspeed.services.rundata.JetspeedRunData;
-import org.apache.jetspeed.services.Profiler;
+
import org.apache.jetspeed.om.profile.Profile;
+import org.apache.jetspeed.services.JetspeedSecurity;
+import org.apache.jetspeed.services.Profiler;
+import org.apache.jetspeed.services.rundata.JetspeedRunData;
import org.apache.jetspeed.services.resources.JetspeedResources;
/**
@@ -82,7 +83,7 @@
@author <a href="mailto:[EMAIL PROTECTED]";>Ingo Schuster</a>
@author <a href="mailto:[EMAIL PROTECTED]";>Raphaël Luta</a>
@author <a href="mailto:[EMAIL PROTECTED]";>Santiago Gala</a>
-@version $Id: JetspeedSessionValidator.java,v 1.14 2002/02/19 14:02:08 kimptoc Exp $
+@version $Id: JetspeedSessionValidator.java,v 1.15 2002/03/20 06:55:48 paulsp Exp $
*/
public class JetspeedSessionValidator extends TemplateSessionValidator
{
@@ -113,7 +114,7 @@
if ( userName.length() > 0 && loginCookieValue.length() >0 )
{
try {
- user = TurbineSecurity.getUser(userName);
+ user = JetspeedSecurity.getUser(userName);
if (user.getPerm("logincookie","").equals(loginCookieValue)) {
//cookie is present and correct - log the user in
data.setUser(user);
1.15 +34 -16
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/UpdateAccount.java
Index: UpdateAccount.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/UpdateAccount.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- UpdateAccount.java 22 Feb 2002 11:57:15 -0000 1.14
+++ UpdateAccount.java 20 Mar 2002 06:55:48 -0000 1.15
@@ -55,22 +55,24 @@
package org.apache.jetspeed.modules.actions;
-// JDK Stuff
+// Java
import java.sql.Connection;
import java.util.Hashtable;
-
import javax.servlet.http.Cookie;
-// External Stuff
+// Jetspeed
+import org.apache.jetspeed.services.resources.JetspeedResources;
+import org.apache.jetspeed.services.JetspeedSecurity;
+
+// Turbine
import org.apache.turbine.modules.Action;
import org.apache.turbine.modules.ActionLoader;
+import org.apache.turbine.om.security.User;
import org.apache.turbine.services.localization.Localization;
-import org.apache.turbine.services.security.TurbineSecurity;
import org.apache.turbine.util.RunData;
import org.apache.turbine.util.Log;
import org.apache.turbine.util.GenerateUniqueId;
-import org.apache.turbine.om.security.User;
-import org.apache.jetspeed.services.resources.JetspeedResources;
+import org.apache.turbine.util.security.PasswordMismatchException;
/**
*
@@ -91,8 +93,9 @@
String cancelBtn = data.getParameters().getString( "CancelBtn" , "" );
String username = data.getParameters().getString( "username" , "" );
- String password = data.getParameters().getString( "password" , "" );
- String password2 = data.getParameters().getString( "password_confirm" , ""
);
+ String oldPassword =
JetspeedSecurity.convertPassword(data.getParameters().getString( "old_password" , ""
));
+ String password =
JetspeedSecurity.convertPassword(data.getParameters().getString( "password" , "" ));
+ String password2 =
JetspeedSecurity.convertPassword(data.getParameters().getString( "password_confirm" ,
"" ));
String firstname = data.getParameters().getString( "firstname", "" );
String lastname = data.getParameters().getString( "lastname" , "" );
String email = data.getParameters().getString( "email" , "" );
@@ -126,14 +129,20 @@
changepass = true;
}
- if ( changepass == true && ! password.equals ( password2 ) )
+ if ( changepass == true && ! password.equals( password2 ) )
{
data.setMessage(Localization.getString("UPDATEACCOUNT_PWNOTMATCH"));
backToEditAccount( data, screenData );
return;
}
- // FIRSTNAME
+ if ( changepass == true && password.equals( oldPassword ) )
+ {
+ // old password = new passwod, so do not change.
+ changepass = false;
+ }
+
+ // FIRSTNAME
//
// make sure the firstname exists
if ( firstname.length() == 0 )
@@ -206,7 +215,7 @@
{
loginCookieValue = ""+Math.random();
data.getUser().setPerm("logincookie",loginCookieValue);
- TurbineSecurity.saveUser( data.getUser() );
+ JetspeedSecurity.saveUser( data.getUser() );
}
Cookie userName = new Cookie("username",data.getUser().getUserName());
@@ -260,7 +269,7 @@
//Send confirmation email if different than current
data.getUser().setEmail( email );
data.getUser().setConfirmed( GenerateUniqueId.getIdentifier() );
- TurbineSecurity.saveUser( data.getUser() );
+ JetspeedSecurity.saveUser( data.getUser() );
ActionLoader.getInstance().exec(data, "SendConfirmationEmail");
// add in the username to the parameters because
ConfirmRegistration needs it
data.getParameters().add("username", data.getUser().getUserName() );
@@ -269,21 +278,30 @@
}
else
{
- TurbineSecurity.saveUser( data.getUser() );
+ JetspeedSecurity.saveUser( data.getUser() );
}
// update currently logged in information that might have changed
data.getUser().setFirstName( firstname );
data.getUser().setLastName( lastname );
data.getUser().setEmail( email );
- if ( changepass ) {
- data.getUser().setPassword(password);
+ if ( changepass )
+ {
+ try
+ {
+ JetspeedSecurity.changePassword(data.getUser(),oldPassword, password);
+ } catch (PasswordMismatchException e)
+ {
+
data.setMessage(Localization.getString("UPDATEACCOUNT_BADOLDPASSWORD"));
+ backToEditAccount( data, screenData );
+ return;
+ }
}
//allow sub-classes to update additional information
updateUser(data);
- TurbineSecurity.saveUser( data.getUser() );
+ JetspeedSecurity.saveUser( data.getUser() );
data.setMessage (Localization.getString("UPDATEACCOUNT_DONE"));
}
1.9 +3 -7
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java
Index: UserUpdateAction.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- UserUpdateAction.java 11 Mar 2002 07:22:11 -0000 1.8
+++ UserUpdateAction.java 20 Mar 2002 06:55:48 -0000 1.9
@@ -104,7 +104,7 @@
* @author <a href="mailto:[EMAIL PROTECTED]";>David Sean Taylor</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Chris Kimpton</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Paul Spencer</a>
- * @version $Id: UserUpdateAction.java,v 1.8 2002/03/11 07:22:11 taylor Exp $
+ * @version $Id: UserUpdateAction.java,v 1.9 2002/03/20 06:55:48 paulsp Exp $
*/
public class UserUpdateAction extends VelocityPortletAction
{
@@ -236,9 +236,6 @@
if (password == null)
password = "";
- // convert case if configured
- password = JetspeedSecurity.convertPassword(password);
- user.setPassword(JetspeedSecurity.convertPassword(user.getPassword()));
user.setUserName(JetspeedSecurity.convertUserName(user.getUserName()));
Date now = new Date();
@@ -480,8 +477,7 @@
rundata.getParameters().setProperties(user);
user.setLastAccessDate();
- // convert case if configured
- user.setPassword(JetspeedSecurity.convertPassword(user.getPassword()));
+
JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
String strDisabled = rundata.getParameters().getString("disabled");
boolean disabled = (strDisabled != null);
@@ -501,7 +497,7 @@
if (currentUser.getUserName().equals(user.getUserName()))
{
// same user as admin -- need to update in memory
- currentUser.setPassword(user.getPassword());
+ currentUser.setPassword(user.getPassword()); // Contains Encrypted
password
currentUser.setFirstName(user.getFirstName());
currentUser.setLastName(user.getLastName());
currentUser.setEmail(user.getEmail());
1.15 +2 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties
Index: JetspeedLocalization_en.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- JetspeedLocalization_en.properties 19 Mar 2002 21:35:42 -0000 1.14
+++ JetspeedLocalization_en.properties 20 Mar 2002 06:55:48 -0000 1.15
@@ -67,7 +67,7 @@
UPDATEACCOUNT_DONE=Your account has been updated!
UPDATEACCOUNT_NOUSER=Could not find correct user.
UPDATEACCOUNT_NEWEMAILCONFIRM=You have changed your email address. You must
re-confirm in order to continue using the system. Please check your email account.
-
+UPDATEACCOUNT_BADOLDPASSWORD=Sorry, the old password is incorrect
CONFIRMREGISTRATION_TITLE=Confirm Registration
CONFIRMREGISTRATION_NOUSERNAME=Sorry, a username must be available.
CONFIRMREGISTRATION_MESSAGE=Please check your email for your secret key. The
secret key is required to confirm your registration
@@ -92,6 +92,7 @@
USERFORM_UPDATE=Update Account
USERFORM_CREATE=Create New Account
USERFORM_LOGIN=Login
+USERFORM_OLDPASSWORDMSG=Old Password
USERFORM_PASSWORDSEND=Email Password
USERFORM_PASSWORDREMINDER=Forgotten your password?<br>Enter your username<br> and
click Password?
USERFORM_FORGOTPASSWORD_NOTICE=Please e-mail my password.
1.17 +85 -18
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
Index: JetspeedDBSecurityService.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- JetspeedDBSecurityService.java 25 Feb 2002 04:38:13 -0000 1.16
+++ JetspeedDBSecurityService.java 20 Mar 2002 06:55:48 -0000 1.17
@@ -55,19 +55,38 @@
package org.apache.jetspeed.services.security;
import java.util.HashMap;
-import org.apache.jetspeed.services.JetspeedSecurity;
+import javax.servlet.ServletConfig;
+
+// Jetspeed
+import org.apache.jetspeed.om.profile.Profile;
+import org.apache.jetspeed.om.profile.ProfileLocator;
+import org.apache.jetspeed.om.profile.BaseProfile;
+import org.apache.jetspeed.om.profile.BaseProfileLocator;
+import org.apache.jetspeed.om.profile.ProfileException;
+import org.apache.jetspeed.om.registry.RegistryEntry;
+import org.apache.jetspeed.om.registry.Security;
import org.apache.jetspeed.om.security.JetspeedUser;
-import org.apache.turbine.services.security.db.*;
import org.apache.jetspeed.portal.Portlet;
-import org.apache.jetspeed.portal.PortletSet;
import org.apache.jetspeed.portal.PortletController;
+import org.apache.jetspeed.portal.PortletSet;
+
+import org.apache.jetspeed.services.JetspeedSecurity;
+import org.apache.jetspeed.services.Profiler;
+import org.apache.jetspeed.services.PsmlManager;
import org.apache.jetspeed.services.Registry;
-import org.apache.jetspeed.om.registry.*;
+
+// Turbine
import org.apache.turbine.om.security.User;
import org.apache.turbine.om.security.Group;
import org.apache.turbine.om.security.Role;
+import org.apache.turbine.services.TurbineServices;
+import org.apache.turbine.services.InitializationException;
+import org.apache.turbine.services.resources.ResourceService;
+import org.apache.turbine.services.security.db.DBSecurityService;
+
+import org.apache.turbine.util.Log;
import org.apache.turbine.util.RunData;
import org.apache.turbine.util.security.AccessControlList;
import org.apache.turbine.util.security.DataBackendException;
@@ -75,19 +94,6 @@
import org.apache.turbine.util.security.UnknownEntityException;
import org.apache.turbine.util.security.PasswordMismatchException;
-import org.apache.jetspeed.om.profile.Profile;
-import org.apache.jetspeed.om.profile.ProfileLocator;
-import org.apache.jetspeed.om.profile.BaseProfile;
-import org.apache.jetspeed.om.profile.BaseProfileLocator;
-import org.apache.jetspeed.om.profile.ProfileException;
-import org.apache.jetspeed.services.Profiler;
-import org.apache.jetspeed.services.PsmlManager;
-
-import org.apache.turbine.services.TurbineServices;
-import org.apache.turbine.services.InitializationException;
-import javax.servlet.ServletConfig;
-import org.apache.turbine.services.resources.ResourceService;
-import org.apache.turbine.util.Log;
/**
* <p>This is an implementation of the <code>JetspeedSecurityService</code>
interface.
@@ -95,7 +101,7 @@
*
* @author <a href="mailto:[EMAIL PROTECTED]";>David Sean Taylor</a>
* @author <a href="mailto:[EMAIL PROTECTED]";>Santiago Gala</a>
- * @version $Id: JetspeedDBSecurityService.java,v 1.16 2002/02/25 04:38:13 taylor
Exp $
+ * @version $Id: JetspeedDBSecurityService.java,v 1.17 2002/03/20 06:55:48 paulsp
Exp $
*/
@@ -552,5 +558,66 @@
}
}
stat.reset();
+ }
+
+ /**
+ * Creates new user account with specified attributes. The password will be
+ * converted using convertPassword()
+ *
+ * @param user the object describing account to be created.
+ * @throws DataBackendException if there was an error accessing the data
backend.
+ * @throws EntityExistsException if the user account already exists.
+ * @see convertPassword()
+ */
+ public void addUser( User user, String password )
+ throws DataBackendException, EntityExistsException
+ {
+ super.addUser(user, convertPassword(password));
+ }
+
+
+ /**
+ * Change the password for an User. The password will be converted
+ * using convertPassword()
+ *
+ * @param user an User to change password for.
+ * @param oldPassword the current password supplied by the user.
+ * @param newPassword the current password requested by the user.
+ * @exception PasswordMismatchException if the supplied password was
+ * incorrect.
+ * @exception UnknownEntityException if the user's record does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ * @see convertPassword()
+ */
+ public void changePassword( User user, String oldPassword, String newPassword )
+ throws PasswordMismatchException, UnknownEntityException,
+ DataBackendException
+ {
+ super.changePassword(user, convertPassword(oldPassword),
convertPassword(newPassword));
+ }
+
+ /**
+ * Forcibly sets new password for an User. The password will be converted
+ * using convertPassword()
+ *
+ * This is supposed by the administrator to change the forgotten or
+ * compromised passwords. Certain implementatations of this feature
+ * would require administrative level access to the authenticating
+ * server / program.
+ *
+ * @param user an User to change password for.
+ * @param password the new password.
+ * @exception UnknownEntityException if the user's record does not
+ * exist in the database.
+ * @exception DataBackendException if there is a problem accessing the
+ * storage.
+ * @see convertPassword()
+ */
+ public void forcePassword( User user, String password )
+ throws UnknownEntityException, DataBackendException
+ {
+ super.forcePassword(user, convertPassword(password));
}
}
1.5 +11 -7 jakarta-jetspeed/webapp/WEB-INF/templates/vm/GlobalMacros.vm
Index: GlobalMacros.vm
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/GlobalMacros.vm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- GlobalMacros.vm 25 Feb 2002 04:25:37 -0000 1.4
+++ GlobalMacros.vm 20 Mar 2002 06:55:48 -0000 1.5
@@ -30,7 +30,7 @@
#macro (textField $name $value $size)
<font face="$ui.sansSerifFonts">
- <input type="text" size="30" name="$name" value="$value">
+ <input type="text" size="$size" name="$name" value="$value">
</font>
#end
@@ -41,16 +41,20 @@
#end
#macro (formPasswordCell $label $name $value)
+ #formLabel("$label")
<td bgcolor="$!{skin.TitleBackgroundColor}">
- <b>
- <font face="$ui.sansSerifFonts">
- $label
- </font>
- </b>
+ <font face="$ui.sansSerifFonts">
+ <input type="password" size="30" name="$name" value="$value">
+ </font>
</td>
+#end
+
+#macro (formReadOnlyCell $label $name $value)
+ #formLabel("$label")
<td bgcolor="$!{skin.TitleBackgroundColor}">
<font face="$ui.sansSerifFonts">
- <input type="password" size="30" name="$name" value="$value">
+ <input type="hidden" size="30" name="$name" value="$value">
+ $value
</font>
</td>
#end
1.6 +6 -2
jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm
Index: user-form.vm
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- user-form.vm 11 Mar 2002 07:20:30 -0000 1.5
+++ user-form.vm 20 Mar 2002 06:55:48 -0000 1.6
@@ -3,7 +3,7 @@
Display the details of a user.
@author <a href="mailto:[EMAIL PROTECTED]";>David Sean Taylor</a>
-@version $Id: user-form.vm,v 1.5 2002/03/11 07:20:30 taylor Exp $
+@version $Id: user-form.vm,v 1.6 2002/03/20 06:55:48 paulsp Exp $
*#
<form method="post"
action="$jlink.setPanel("UserBrowser").setAction("portlets.security.UserUpdateAction")">
@@ -40,7 +40,11 @@
#set ($email = $user.Email)
#set ($disabled = $user.Disabled)
#end
- #formCell ("Username" "username" $name)
+ #if (($mode == "delete") || ($mode=="update"))
+ #formReadOnlyCell ("Username" "username" $name)
+ #else
+ #formCell ("Username" "username" $name)
+ #end
</tr>
<tr>
#formPasswordCell ("Password" "password" $pw)
1.8 +7 -0
jakarta-jetspeed/webapp/WEB-INF/templates/vm/screens/html/EditAccount.vm
Index: EditAccount.vm
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/screens/html/EditAccount.vm,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- EditAccount.vm 9 Jan 2002 12:14:20 -0000 1.7
+++ EditAccount.vm 20 Mar 2002 06:55:48 -0000 1.8
@@ -28,6 +28,13 @@
</td>
</tr>
<tr>
+ <td>$l10n.USERFORM_OLDPASSWORDMSG</td>
+ <td> </td>
+ <td align="left">
+ <input name="old_password" type="PASSWORD" value="">
+ </td>
+ </tr>
+ <tr>
<td>$l10n.USERFORM_PASSWORDMSG</td>
<td> </td>
<td align="left">
1.30 +13 -1 jakarta-jetspeed/xdocs/changes.xml
Index: changes.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- changes.xml 15 Mar 2002 19:01:30 -0000 1.29
+++ changes.xml 20 Mar 2002 06:55:48 -0000 1.30
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!--
-$Id: changes.xml,v 1.29 2002/03/15 19:01:30 paulsp Exp $
+$Id: changes.xml,v 1.30 2002/03/20 06:55:48 paulsp Exp $
-->
<document>
<properties>
@@ -202,6 +202,18 @@
<ul>
<li>Implemented IdGenerator services</li>
<li>Customizer now uses IdGenerator service</li>
+ </ul>
+</li>
+<li>
+ Fix - 2002/03/20 - (PS)
+ <ul>
+ <li>Fix - Bug 7142 - When password are saved encryped when encryption is
enabled</li>
+ <li>Fix - Bug 7142 - Users must enter their current password to change their
password</li>
+ <li>Fix - Password are correctly cased, based on JR.p
JetspeedSecurity.caseinsensitive properites</li>
+ <li>Fix - Username is no longer updatable in UserBrowser Edit and Delete
screens</li>
+ <li>Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate.
Mainly everywhere other
+ then JetspeedDBSecurityService</li>
+ <li>Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form</li>
</ul>
</li>
</ul>
1.17 +12 -0 jakarta-jetspeed/docs/site/changes.html
Index: changes.html
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/docs/site/changes.html,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- changes.html 15 Mar 2002 19:01:30 -0000 1.16
+++ changes.html 20 Mar 2002 06:55:48 -0000 1.17
@@ -308,6 +308,18 @@
<li>Customizer now uses IdGenerator service</li>
</ul>
</li>
+<li>
+ Fix - 2002/03/20 - (PS)
+ <ul>
+ <li>Fix - Bug 7142 - When password are saved encryped when encryption is
enabled</li>
+ <li>Fix - Bug 7142 - Users must enter their current password to change their
password</li>
+ <li>Fix - Password are correctly cased, based on JR.p
JetspeedSecurity.caseinsensitive properites</li>
+ <li>Fix - Username is no longer updatable in UserBrowser Edit and Delete
screens</li>
+ <li>Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate.
Mainly everywhere other
+ then JetspeedDBSecurityService</li>
+ <li>Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form</li>
+ </ul>
+</li>
</ul>
</blockquote>
</p>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
