• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Liutauras Vilda
  • Jeanne Boyarsky
  • paul wheaton
Sheriffs:
  • Ron McLeod
  • Devaka Cooray
  • Henry Wong
Saloon Keepers:
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Tim Moores
  • Mikalai Zaikin
Bartenders:
  • Frits Walraven

problem adding email address for a non-admin user

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It seems to take any other information, but while editing my profile to add an email address as a non-administrator user, the email address did not persist even though the message said it's updated. For a user in admin group, it works. I don't see any permission settings for editing 'my profile'. Did I miss something during setup? Thanks!


[originally posted on jforum.net by jshiau]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It seems that it is an intentional behavior and can be duplicated here and we found the code that screens out the change. So, once a user registers, he can't change the email address? Since I don't see any way that administrator can maintain others profile through the console, that means recreating a new account in the case of email address changes? What is the reason behind this design? Thanks!
[originally posted on jforum.net by jshiau]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, it is perfectly possible to change the email address. You can try it with your account here at jforum.net

Rafael
[originally posted on jforum.net by Rafael Steil]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
It will only update the email address if the password information is provided correctly. So you have to write down the current password in the user profile fields again. Otherwise the change to the email address will be ignored.

So all you need to do is provide the pwd and it will make the change correctly ^^

Note: this may be troublesome in case of SSO implementation, when users do not know the forum specific sso password
[originally posted on jforum.net by Sid]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, it did updated here. RTFM! I didn't know we need to provide password when changing email address. Re-prompting password even already login does provide better security. However, I thought I saw some code that it won't even look at the email field if user is not in admin group.

And Sid was right about SSO though, we do implement that and hide the password fields. But at least I am clear on the issue. Thank you very much, guys!
[originally posted on jforum.net by jshiau]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Check out the userdao I think. That does the update command to the user. You simply can rewrite the code there .

I modified the code myself so that email updates can be written. I guess I linked this to the SSO setting - so that when sso I refuse to read the pwd info...

Fairly simple to make the change.

And yes, you are right about that it would not check for the password info when being admin. The reason is fairly simple: Admins may change ALL email addresses and ALL passwords. So it's useless to compare to the user specific password as the admin may not know the old one ;)

But that's still int he template. You have to look in the java file to make the magic happening.

Maybe Rapheal can add some config parameter that you can define wether or not the password should be necessary for updating the email field.
[originally posted on jforum.net by Sid]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Yes, it is in UserDAO which check if it's admin or password is provided or not. We are making the change right now. Our first choice is still get to corporate AD and automatically update the email as long as we take care of the corporate policy hurdle.

thanks again!
[originally posted on jforum.net by jshiau]
 
What a stench! Central nervous system shutting down. Save yourself tiny ad!
Gift giving made easy with the permaculture playing cards
https://coderanch.com/t/777758/Gift-giving-easy-permaculture-playing
reply
    Bookmark Topic Watch Topic
  • New Topic