- SimpleCredentials sp = new SimpleCredentials(
- userDetails.getUsername(), newPassword.toCharArray());
- CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
- .getCredentials();
- if (!credentials.matches(sp))
- user.changePassword(new String(newPassword));
+ if (newPassword.startsWith("{SHA-256}")) {
+ // Already hashed password
+ throw new CmsException("Cannot import hashed password");
+ // Value v = adminSession.getValueFactory().createValue(
+ // newPassword);
+ // user.setProperty(REP_PASSWORD, v);
+ // TODO find a way to deal w/ protected property
+ // see
+ // http://jackrabbit.apache.org/api/2.2/org/apache/jackrabbit/core/security/user/UserImporter.html
+ } else {
+ SimpleCredentials sp = new SimpleCredentials(
+ userDetails.getUsername(),
+ newPassword.toCharArray());
+ CryptedSimpleCredentials credentials = (CryptedSimpleCredentials) user
+ .getCredentials();
+
+ if (!credentials.matches(sp))
+ user.changePassword(new String(newPassword));
+ }