@Override public void onChangePassword( GwtConversation conversation, String oldPassword, String newPassword) { User user = conversation.getSession().getUser(); if (!user.matchesPassword(oldPassword)) throw new WrongPasswordException(); user.setPassword(newPassword); log.info("password changed by", user); }
@Override public void onResetPassword(GwtConversation conversation, String userId) { if (!conversation.getSession().getUser().isAdmin()) throw new PermissionDeniedException(); User user = userDao.getById(userId); if (webApplication.getSystemConfig().isSmtpServerSet() && user.isEmailSet()) { user.triggerPasswordReset(); } else { user.setPassword(webApplication.getSystemConfig().getDefaultUserPassword()); } }