public ActionForward execute( ActionMapping mapping, ActionForm form, HttpServletRequest request, HttpServletResponse response) throws Exception { User user = LegacySpringUtils.getUserManager().getLoggedInUser(); String suppliedOldPassword = BeanUtils.getProperty(form, "oldpassword"); String actualOldPassword = user.getPassword(); String hashedSuppliedOldPassword = LogonUtils.hashPassword(suppliedOldPassword); if (hashedSuppliedOldPassword.equals(actualOldPassword)) { user.setPassword(LogonUtils.hashPassword(BeanUtils.getProperty(form, "passwordPwd"))); user.setFirstlogon(false); LegacySpringUtils.getUserManager().save(user); AddLog.addLog( user.getUsername(), AddLog.PASSWORD_CHANGE, user.getUsername(), "", UserUtils.retrieveUsersRealUnitcodeBestGuess(user.getUsername()), ""); return mapping.findForward("success"); } else { request.setAttribute("error", "incorrect current password"); return mapping.findForward("input"); } }