need to use own authentication method, to be able to auth user forced to change password and need to always recheck flag, if user are forced to change password, as otherwise he will be prompt again after changing it

This commit is contained in:
Ralf Becker 2013-07-15 20:29:49 +00:00
parent 526c938eec
commit b54aef66e4
2 changed files with 3 additions and 3 deletions

View File

@ -76,11 +76,11 @@ class auth
// retrieve the timestamp regarding the last change of the password from auth system and store it with the session // retrieve the timestamp regarding the last change of the password from auth system and store it with the session
static $alpwchange_val; static $alpwchange_val;
static $pwdTsChecked; static $pwdTsChecked;
if (is_null($pwdTsChecked) && is_null($alpwchange_val)) if (is_null($pwdTsChecked) && is_null($alpwchange_val) || (string)$alpwchange_val === '0')
{ {
$alpwchange_val =& egw_cache::getSession('phpgwapi','auth_alpwchange_val'); // set that one with the session stored value $alpwchange_val =& egw_cache::getSession('phpgwapi','auth_alpwchange_val'); // set that one with the session stored value
// initalize statics - better readability of conditions // initalize statics - better readability of conditions
if (is_null($alpwchange_val)) if (is_null($alpwchange_val) || (string)$alpwchange_val === '0')
{ {
$backend_class = 'auth_'.$GLOBALS['egw_info']['server']['auth_type']; $backend_class = 'auth_'.$GLOBALS['egw_info']['server']['auth_type'];
$backend = new $backend_class; $backend = new $backend_class;

View File

@ -207,7 +207,7 @@ class auth_ads implements auth_backend
$username = $GLOBALS['egw']->accounts->id2name($account_id); $username = $GLOBALS['egw']->accounts->id2name($account_id);
} }
// Check the old_passwd to make sure this is legal // Check the old_passwd to make sure this is legal
if(!$admin && !$adldap->authenticate($username, $old_passwd)) if(!$admin && !$this->authenticate($username, $old_passwd))
{ {
//error_log(__METHOD__."() old password '$old_passwd' for '$username' is wrong!"); //error_log(__METHOD__."() old password '$old_passwd' for '$username' is wrong!");
return false; return false;