public override void SetUserPassword( string username, sbyte[] password, bool requirePasswordChange )
{
try
{
User existingUser = GetUser( username );
_passwordPolicy.validatePassword( password );
if ( existingUser.Credentials().matchesPassword(password) )
{
throw new InvalidArgumentsException( "Old password and new password cannot be the same." );
}
try
{
User updatedUser = existingUser.Augment().withCredentials(LegacyCredential.forPassword(password)).withRequiredPasswordChange(requirePasswordChange).build();
lock ( this )
{
_userRepository.update( existingUser, updatedUser );
}
}
catch ( ConcurrentModificationException )
{
// try again
SetUserPassword( username, password, requirePasswordChange );
}
ClearCacheForUser( username );
}
finally
{
// Clear password
if ( password != null )
{
Arrays.fill( password, ( sbyte ) 0 );
}
}
}
public override User NewUser( string username, sbyte[] initialPassword, bool requirePasswordChange )
{
try
{
_userRepository.assertValidUsername( username );
_passwordPolicy.validatePassword( initialPassword );
User user = ( new User.Builder() ).withName(username).withCredentials(LegacyCredential.forPassword(initialPassword)).withRequiredPasswordChange(requirePasswordChange).build();
lock ( this )
{
_userRepository.create( user );
}
return user;
}
finally
{
// Clear password
if ( initialPassword != null )
{
Arrays.fill( initialPassword, ( sbyte ) 0 );
}
}
}
private User NewUser(string userName, string password, bool pwdChange)
{
return((new User.Builder(userName, LegacyCredential.forPassword(password))).withRequiredPasswordChange(pwdChange).build());
}
