Details
-
Bug
-
Status: Closed
-
Trivial
-
Resolution: Fixed
-
2.6.3
-
None
Description
I use an NTLM servlet filter for authentication. I didn't uncomment container-managed section in web.xml. Instead,
I subclass WebContainerAuthorizer to disable web.xml processing. This gives me a very simple container-managed
authentication/authroization environment.
User profile now has only two editable fields: Name and Email Address. However, save profile failed
because in this unique combination, both password and existingPassword are null.
In file com.ecyrd.jspwiki.auth.user.JDBCUserDatabase.save(...), line 598
if ( !password.equals( existingPassword ) )
will result exception because password is null.
possible solution: (1) check password is null or not at line 598, or (2) if password is null, make it an empty string before line 598.
I don't know if (1) or (2) will cause any side impact or not.