Hi Ernas,
[EMAIL PROTECTED] wrote:
On Feb 11, 2008 10:03 PM, Rob Hills <[EMAIL PROTECTED]> wrote:
When I trace through the UserManagerImpl.save(User) method, I find that at
line 87, the code uses the dao to pull the user's old password from the DB to
compare it with the one that's just been posted to see if it's changed. The
problem I see here is that the password that comes back from the DB is the
one I typed in to the form - in plain text. Somehow it's been persisted to the
DB prior to UserManagerImpl.save(User) being called.
Sorry, I can't help you but I've seen this problem some time ago.
I looked into hibernate debug log and found that user
object persisted after UserAction.java line 172:
user.addRole(roleManager.getRole(roleName));
I tried to comment that line, and password was saved correctly.
I hope someone will finally fix this :)
Thanks for the comment. I also traced through and observed that the
user object was persisted at the same line you indicated, though I
didn't try and comment it out. Another poster suggested that the
problem _doesn't_ occur if the UserAction isn't modified. It would be
good to find out exactly what is triggering this behaviour.
Cheers,
Rob Hills
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
