Results 1 to 5 of 5

Thread: Password refresh

  1. Mar 13th, 2007, 11:20 AM #1
    Ghed
    Ghed is offline Senior Member
    Join Date
    Feb 2007
    Posts
    102

    Default Password refresh

    Hi all!
    I use Spring+Acegi+Apache Directory DS 1.0 ( Ldap Server ).
    I customized the LdapAuthenticationProvider and it works in this way:
    if the account has expired, the user is authenticated with only one role ( ROLE_UPDATE ) and redirected to the update page.
    After user changed his password, he is redirected to the login page.
    Here we got the problem: user cannot log with the new password.

    If I restart the APPLICATION SERVER, nothing happens.

    If I restart the LDAP SERVER, the password is now updated.

    The system uses a controller to update the password:

    Code:
    ...

Authentication auth = SecurityContextHolder.getContext().getAuthentication();
Account retrievedAccount = userManager.getUserDetailsByUid(auth.getName());

retrievedAccount.setPassword("new pwd here");
retrievedAccount.setExpireDate("new date here");

userManager.updateUser(retrievedAccount);

ldapAuthProvider.getUserCache().removeUserFromCache(auth.getName());

ModelAndView _t = new ModelAndView("acegilogin");

...
    What do you think I am missing?

    Best regards
  2. Mar 13th, 2007, 01:16 PM #2
    karldmoore
    karldmoore is offline Senior Member
    Join Date
    Sep 2006
    Location
    UK
    Posts
    8,424

    Default

    It sounds like the problem is with the LDAP server. It doesn't recognise the new passwork until it's restarted.
  3. Mar 14th, 2007, 06:51 AM #3
    Ghed
    Ghed is offline Senior Member
    Join Date
    Feb 2007
    Posts
    102

    Default

    I think so too.
    Maybe I do a mistake in the code .. I am looking into this:

    Code:
    ..
<bean id="ldapTemplate"
		class="org.springframework.ldap.LdapTemplate">
		<constructor-arg ref="contextSource" />
</bean>
..
    and again:
    Code:
    BasicAttribute userPasswordAttribute = new BasicAttribute("userpassword");
userPasswordAttribute.add("new password here");
ModificationItem replacedPassword = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, userPasswordAttribute);
ModificationItem[] modificationItemArray = new ModificationItem[1];
try { ldapTemplate.modifyAttributes(distinguishedName.toString(),modificationItemArray);
		} catch (DataAccessException e) {
			return false;
		}
    Do the "ldapTemplate.modifyAttributes( .. )" ensure the connection closing?
  4. Mar 14th, 2007, 09:13 AM #4
    Luke Taylor
    Luke Taylor is offline Senior Member Acegi Security System TeamSpring Team
    Join Date
    Aug 2004
    Location
    Glasgow, Scotland
    Posts
    3,449

    Default

    Why not write a junit test case which does this and step through it in a debugger?

    Whether the connection is closed or not isn't relevant to whether the password is updated, but that's what the template is for. You should probably use the Spring Ldap forum if you have questions about using templates.
  5. Mar 14th, 2007, 01:47 PM #5
    karldmoore
    karldmoore is offline Senior Member
    Join Date
    Sep 2006
    Location
    UK
    Posts
    8,424

    Default

    Although I've not done much with LdapTemplate, that looks fine to me. I'd follow Luke's suggestions.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules