commit | a4d492918b04cbde4c570f43ad0ee4f3c461a958 | [log] [tgz] |
---|---|---|
author | fmartelli <fabio.martelli@gmail.com> | Thu Sep 01 16:04:20 2016 +0200 |
committer | fmartelli <fabio.martelli@gmail.com> | Thu Sep 01 16:04:20 2016 +0200 |
tree | a32329ecde83ecd60642aa9070f471c185f8dfcc | |
parent | 162ff5707922c48e2665df8730b6fb87433500d2 [diff] |
[SYNCOPE-928] check existing password before store the new one
diff --git a/core/src/main/java/org/apache/syncope/core/persistence/validation/entity/SyncopeUserValidator.java b/core/src/main/java/org/apache/syncope/core/persistence/validation/entity/SyncopeUserValidator.java index e471f0e..5b98783 100644 --- a/core/src/main/java/org/apache/syncope/core/persistence/validation/entity/SyncopeUserValidator.java +++ b/core/src/main/java/org/apache/syncope/core/persistence/validation/entity/SyncopeUserValidator.java
@@ -74,7 +74,8 @@ } // update user's password history with encrypted password - if (maxPPSpecHistory > 0 && object.getPassword() != null) { + if (maxPPSpecHistory > 0 && object.getPassword() != null + && !object.getPasswordHistory().contains(object.getPassword())) { object.getPasswordHistory().add(object.getPassword()); } // keep only the last maxPPSpecHistory items in user's password history