Hello all,

I have a strange problem. I created a new role in addition to the current two
roles. That is, ROLE_ADMIN, ROLE_USER, and ROLE_MEMBER.
I have modified userForm.jsp to allow the users of ROLE_MEMBER to change the
password only, while all the other fields are hidden. (I did modify
security.xml.) But all fields are shown for ROLE_ADMIN users.

The problem is that if the admin user of role ROLE_ADMIN tries to change his
password or the password of any other users of other roles, it cannot log in
and says the password is not correct.

On further investigation, I found that once the password is changed, in the
database the password is not converted to SHA. It will be the same password
as typed, not encrypted...

See the table below; the admin's password is not encrypted.
+------------+-----------+----------+------------------------------------------+
| first_name | last_name | username | password                                 |
+------------+-----------+----------+------------------------------------------+
| Apple      | Member    | apple    | d0be2dc421be4fcd0172e5afceea3970e2f3d940 |
| Matt       | Raible    | admin    | apple                                    |
| Tomcat     | User      | user     | 12dea96fec20593566ab75692c9949596833adc9 |
+------------+-----------+----------+------------------------------------------+


Any idea what went wrong?

Thanks...

Green horn..
-- 
View this message in context: 
http://www.nabble.com/Cannot-login-after-changing-the-password.....-tp25696615s2369p25696615.html
Sent from the AppFuse - User mailing list archive at Nabble.com.
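
The symptom reported above, as an added example that is not part of the original post or of AppFuse's code: it audits the three rows from the table for values that are not 40-character hex digests and shows why a value saved as typed can never match at login. It assumes the login path hashes the submitted password with SHA-1 and compares the result with the stored column; the function names are hypothetical.

```python
import hashlib
import hmac
import re

# Rows copied from the table in the post: (username, stored password column).
ROWS = [
    ("apple", "d0be2dc421be4fcd0172e5afceea3970e2f3d940"),
    ("admin", "apple"),
    ("user", "12dea96fec20593566ab75692c9949596833adc9"),
]

# A SHA-1 digest in hex is exactly 40 characters from [0-9a-f]. A typed
# password that happens to have this shape would be missed by the audit.
SHA1_HEX = re.compile(r"[0-9a-f]{40}")


def sha1_hex(password):
    """Hex SHA-1 of the password (assumed to be the scheme behind the hashed rows)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def login_matches(submitted, stored):
    """Assumed login check: hash what the user typed, compare with the column."""
    return hmac.compare_digest(sha1_hex(submitted).encode(), stored.encode("utf-8"))


def unhashed_accounts(rows):
    """Usernames whose stored value is not shaped like a SHA-1 hex digest."""
    return [user for user, stored in rows if not SHA1_HEX.fullmatch(stored)]


def rehash_unhashed(rows):
    """One-off repair: hash values that were saved as typed, keep the rest."""
    return [
        (user, stored if SHA1_HEX.fullmatch(stored) else sha1_hex(stored))
        for user, stored in rows
    ]


if __name__ == "__main__":
    print("stored unhashed:", unhashed_accounts(ROWS))
    print("admin login before repair:", login_matches("apple", dict(ROWS)["admin"]))
    repaired = rehash_unhashed(ROWS)
    print("admin login after repair:", login_matches("apple", dict(repaired)["admin"]))
```

The repair only restores the ability to log in; the save path that skipped hashing still has to be fixed, and a password that sat in the table as typed should be changed afterwards.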

