Hi again Christophe, David, On 13 Feb 2008 at 21:02, Rob Hills wrote:
> I'm trying out a variation of the workaround you mentioned and I'll report > back how I get on. Actually, it was the workaround that David mentioned and my variation of it seems to be working. David described his workaround as follows: 1. Extend the UserAction 2. In the saveUser, i check if the password is less then 40 chars and if it is I change the user's version to null (make Appfuse think this is a new user) I was a bit concerned about relying on the length of the password - knowing my luck, one day some user will put in a long sentence for a password and trigger the latent bug. So, my variation was: 1. Extend the UserAction 2. Add an "existingPassword" attribute to the UserAction. Set that to the existing user.password value at the end of the edit() method. 3. Add an "existingPassword" hidden field to userForm.jsp 4. In UserAction.save(), just before the call to userManager.save(user), compare user.password with UserAction.existingPassword - if they're different, set user.version to null to trigger userManager to encrypt and (re)save the password. This is still a Major KLUDGE, but it works and it won't break if the user happens to type in an essay for his password ;-) I'd still like to understand what's going on here, something's clearly not working properly! Still, I've marked this bit of the code with a big /** KLUDGE ALERT!!! **/ and maybe one day I'll find out/understand what's going on and be able to fix it properly. Cheers, Rob Hills Waikiki, Western Australia Mobile +61 (412) 904-357 Fax: +61 (8) 9529-2137 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
