| | |
|---|
| | |
|
|---|
| | | String digesterClassName = getServletContext().getInitParameter(P_DIGESTER);
|
|---|
| | | Digester digester = (Digester) Class.forName(digesterClassName).newInstance();
|
|---|
| | | /*
|
|---|
| | | MD5 geht nicht mehr,
|
|---|
| | | vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5
|
|---|
| | | */
|
|---|
| | | String digestedCurrentPw = digester.digest(currentPw, Digester.SHA256, null);
|
|---|
| | | PersistenceManager pm = getDb();
|
|---|
| | | logger.fine(getSql(SQL_GET_USER));
|
|---|
| | | List list = pm.select(getSql(SQL_GET_USER), getMapper(MP_USER), Record.WITHOUT_BLOBS, userId);
|
|---|
| | |
|---|
| | | Object o = list.get(0);
|
|---|
| | | if(o instanceof User) {
|
|---|
| | | User u = (User) o;
|
|---|
| | | if(u.getPw().equals(digestedCurrentPw)) {
|
|---|
| | | if(digester.matches(currentPw, u.getPw(), Digester.SHA256, null)) {
|
|---|
| | | String digestedNewPw = digester.digest(newPw, Digester.SHA256, null);
|
|---|
| | | u.setPw(digestedNewPw);
|
|---|
| | | pm.update(u, getMapper(MP_USER));
|
|---|
