diff --git a/config/Privilege.xml b/config/Privilege.xml
index 2cfaf41e1..b37070a5a 100644
--- a/config/Privilege.xml
+++ b/config/Privilege.xml
@@ -28,6 +28,7 @@ along with Privilege. If not, see .
+
@@ -38,7 +39,7 @@ along with Privilege. If not, see .
-
+
diff --git a/src/main/java/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java b/src/main/java/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
index a152e8cbd..4c45f060f 100644
--- a/src/main/java/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
+++ b/src/main/java/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
@@ -67,6 +67,11 @@ import ch.eitchnet.privilege.policy.PrivilegePolicy;
*/
public class DefaultPrivilegeHandler implements PrivilegeHandler {
+ /**
+ * configuration parameter to define automatic persisting on password change
+ */
+ private static final String PARAM_AUTO_PERSIST_ON_PASSWORD_CHANGE = "autoPersistOnPasswordChange";
+
/**
* log4j logger
*/
@@ -107,6 +112,11 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
*/
private boolean initialized;
+ /**
+ * flag to define if a persist should be performed after a user changes their password
+ */
+ private boolean autoPersistOnPasswordChange;
+
/**
* @see ch.eitchnet.privilege.handler.PrivilegeHandler#getRole(java.lang.String)
*/
@@ -624,6 +634,11 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
// delegate user replacement to persistence handler
this.persistenceHandler.addOrReplaceUser(newUser);
+ // perform automatic persisting, if enabled
+ if (this.autoPersistOnPasswordChange) {
+ this.persistenceHandler.persist();
+ }
+
} finally {
clearPassword(password);
}
@@ -997,6 +1012,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
this.encryptionHandler = encryptionHandler;
this.persistenceHandler = persistenceHandler;
+ String autoPersistS = parameterMap.get(PARAM_AUTO_PERSIST_ON_PASSWORD_CHANGE);
+ if (autoPersistS == null || autoPersistS.equals(Boolean.FALSE.toString())) {
+ this.autoPersistOnPasswordChange = false;
+ } else if (autoPersistS.equals(Boolean.TRUE.toString())) {
+ this.autoPersistOnPasswordChange = true;
+ logger.info("Enabling automatic persistence on password change.");
+ } else {
+ logger.error("Parameter " + PARAM_AUTO_PERSIST_ON_PASSWORD_CHANGE + " has illegal value " + autoPersistS
+ + ". Overriding with " + Boolean.FALSE.toString());
+ }
+
// validate policies on privileges of Roles
for (Role role : persistenceHandler.getAllRoles()) {
validatePolicies(role);