]> git.aero2k.de Git - tmp/jakarta-migration.git/commitdiff
projects / tmp / jakarta-migration.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3388fbd)
CC-740: Create a new salt when password is updated.
authorRichard Millet <remillet@yahoo.com>
Thu, 29 Aug 2019 06:16:40 +0000 (23:16 -0700)
committerRichard Millet <remillet@gmail.com>
Sat, 31 Aug 2019 19:16:07 +0000 (12:16 -0700)
services/account/service/src/main/java/org/collectionspace/services/account/storage/csidp/UserStorageClient.java patch | blob | history

diff --git a/services/account/service/src/main/java/org/collectionspace/services/account/storage/csidp/UserStorageClient.java b/services/account/service/src/main/java/org/collectionspace/services/account/storage/csidp/UserStorageClient.java
index a0b86daa6f9ced381165e631f76151f909baea66..07f0a1c46b7666f1d2bd82b26e051991948615b6 100644 (file)
--- a/services/account/service/src/main/java/org/collectionspace/services/account/storage/csidp/UserStorageClient.java
+++ b/services/account/service/src/main/java/org/collectionspace/services/account/storage/csidp/UserStorageClient.java
@@ -115,7 +115,9 @@ public class UserStorageClient {
             throws DocumentNotFoundException, Exception {
         User userFound = get(jpaTransactionContext, userId);
         if (userFound != null) {
-            userFound.setPasswd(getEncPassword(userId, password, userFound.getSalt()));
+            String salt = UUID.randomUUID().toString();
+            userFound.setPasswd(getEncPassword(userId, password, salt));
+            userFound.setSalt(salt);
             userFound.setUpdatedAtItem(new Date());
             if (logger.isDebugEnabled()) {
                 logger.debug("updated user=" + JaxbUtils.toString(userFound, User.class));