Fix problem when password is modified, the operational attribute pwdChanged...

dugan

27.55.2007 33daa7cc5afa919434227178c397da412068f5a0

 opends/src/server/org/opends/server/core/ModifyOperation.java

@@ -1232,7 +1232,6 @@
        boolean currentPasswordProvided = false;
        boolean isEnabled = true;
        boolean enabledStateChanged = false;
        boolean wasLocked = false;
        int numPasswords;
        if (currentEntry.hasAttribute(
                pwPolicyState.getPolicy().getPasswordAttribute()))
@@ -1275,44 +1274,6 @@
              break;
            }
          }

          if (passwordChanged)
          {
            // See if the account was locked for any reason.
            wasLocked = pwPolicyState.lockedDueToIdleInterval() ||
                        pwPolicyState.lockedDueToMaximumResetAge() ||
                        pwPolicyState.lockedDueToFailures();

            // Update the password policy state attributes in the user's entry.
            // If the modification fails, then these changes won't be applied.
            pwPolicyState.setPasswordChangedTime();
            pwPolicyState.clearFailureLockout();
            pwPolicyState.clearGraceLoginTimes();
            pwPolicyState.clearWarnedTime();

            if (pwPolicyState.getPolicy().forceChangeOnAdd() ||
                pwPolicyState.getPolicy().forceChangeOnReset())
            {
              pwPolicyState.setMustChangePassword(! selfChange);
            }

            if (pwPolicyState.getPolicy().getRequireChangeByTime() > 0)
            {
              pwPolicyState.setRequiredChangeTime();
            }

            modifications.addAll(pwPolicyState.getModifications());
          }
          else if(pwPolicyState.mustChangePassword())
          {
            // The user will not be allowed to do anything else before
            // the password gets changed.
            setResultCode(ResultCode.UNWILLING_TO_PERFORM);

            int msgID = MSGID_MODIFY_MUST_CHANGE_PASSWORD;
            appendErrorMessage(getMessage(msgID));
            break modifyProcessing;
          }
        }


@@ -2375,6 +2336,45 @@
          break modifyProcessing;
        }

        boolean wasLocked = false;
        if (passwordChanged)
        {
            // See if the account was locked for any reason.
            wasLocked = pwPolicyState.lockedDueToIdleInterval() ||
                    pwPolicyState.lockedDueToMaximumResetAge() ||
                    pwPolicyState.lockedDueToFailures();

            // Update the password policy state attributes in the user's entry.
            // If the modification fails, then these changes won't be applied.
            pwPolicyState.setPasswordChangedTime();
            pwPolicyState.clearFailureLockout();
            pwPolicyState.clearGraceLoginTimes();
           pwPolicyState.clearWarnedTime();

            if (pwPolicyState.getPolicy().forceChangeOnAdd() ||
                    pwPolicyState.getPolicy().forceChangeOnReset())
            {
                pwPolicyState.setMustChangePassword(! selfChange);
            }

            if (pwPolicyState.getPolicy().getRequireChangeByTime() > 0)
            {
                pwPolicyState.setRequiredChangeTime();
            }

            modifications.addAll(pwPolicyState.getModifications());
        }
        else if(pwPolicyState.mustChangePassword())
        {
            // The user will not be allowed to do anything else before
            // the password gets changed.
            setResultCode(ResultCode.UNWILLING_TO_PERFORM);

            int msgID = MSGID_MODIFY_MUST_CHANGE_PASSWORD;
            appendErrorMessage(getMessage(msgID));
            break modifyProcessing;
        }

        // Make sure that the new entry is valid per the server schema.
        if (DirectoryServer.checkSchema())
        {
@@ -2390,7 +2390,6 @@
          }
        }


        // Check for and handle a request to cancel this operation.
        if (cancelRequest != null)
        {