Hi All, My app is based on Appfuse 2.0 (manually upgraded to 2.01) and Struts.
I modified the core classes to add a "Company" attribute to the User object. In testing I've found a problem that I suspect is my fault, but I'm confused about what's going on. When I create a new user in my application, the password value in the db is encrypted as expected. However, if I use the user edit form to change the user's password (either by editing the user as an administrator, or logging in as that user and using "my profile"), the new password is stored in the db as plain text. Of course, the next time that user tries to login, it fails with an invalid password. I've looked back at the original org.appfuse.webapp.action.UserAction class and compared it with my modified version but I can't see where the password encryption takes place, or what I may have done to stop that happening. I assume that this works correctly in an unmodified Appfuse app, so can someone please explain to me where the password encryption happens so I can work out how I've broken it? Cheers, Rob Hills Waikiki, Western Australia Mobile +61 (412) 904-357 Fax: +61 (8) 9529-2137 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
