[jira_list] [JIRA] Resolved: (JKB-1) How to avoid restarting Jahia after changing a user's password with LDAP ?

Thu, 14 Jun 2007 06:11:22 -0700 

     [ http://www.jahia.org/jira/browse/JKB-1?page=all ]

Thomas Draier resolved JKB-1.
-----------------------------

    Resolution: Fixed

> How to avoid restarting Jahia after changing a user's password with LDAP ?
> --------------------------------------------------------------------------
>
>                 Key: JKB-1
>                 URL: http://www.jahia.org/jira/browse/JKB-1
>             Project: Jahia Knowledge Base
>          Issue Type: Improvement
>            Reporter: Stéphanie Rouaud
>         Attachments: JahiaLDAPUser.class
>
>
> When a LDAP user change his password, it's not effective in Jahia because 
> Jahia use the password of the last session of the person store in cache. So 
> you need to restart your server to take the change into consideration.
> Here is how you can change the code of the JahiaLDAPUser class to redirect 
> the test to check again the LDAP password if the first test is wrong and 
> clean the caches at the same time.
>  
> public boolean verifyPassword (String password) {
>          if (password != null) {
>              boolean localLoginResult = false;
>              if (!"".equals(mPassword)) {
>                  String test = JahiaUserManagerService.encryptPassword
> (password);
>                  localLoginResult = mPassword.equals (test);
>              }
>              //test the provided password with the internal memory
> encrypted password.
>              if(localLoginResult){
>                  //both passwords match.
>                  return true;
>              }else{
>                  //the local encrypted password does not match the one
> in parameter
>                  //forward to the ldap authN in case of there was a
> ldap password change from the last user's visit.
>                  boolean loginResult =
> JahiaUserManagerLDAPProvider.getInstance ().login (mUserKey,
>                      password);
>                  if (loginResult) {
>                          /** @todo here we must now update the
> properties of the user
>                          *  since he has access to more of his
> attributes once logged in
>                          */
>                          mPassword =
> JahiaUserManagerService.encryptPassword
> (password);
>                          return true;
>                  }
>                  /** @todo insert here LDAP connection check... */
>              }
>          }
>          return false;
>      } 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://www.jahia.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       
_______________________________________________
jira_list mailing list
[email protected]
http://lists.jahia.org/cgi-bin/mailman/listinfo/jira_list

Reply via email to