In a Spring Boot 1.5.9 application, I have a reset my password. Using a token, I am able to identify the user that is resetting he's password.
This is how I update a password of a connected user:
public void updatePassword(User entity) {
if (null != entity.getOldPassword() && null != entity.getPassword()) {
userDetailsService.changePassword(entity.getOldPassword(), encrypt(entity.getPassword()));
}
}
I use LdapUserDetailsManager userDetailsService, from spring security ldap 4.2.3.RELEASE, I do not see any method to reset the password of an user I have the username from.
How can I reset a password using the username (or uid in ldap)?
The solution was in this post: https://tech.wrighting.org/2013/06/06/using-the-ldap-password-modify-extended-operation-with-spring-ldap/
This is how I did:
DistinguishedName dn = new DistinguishedName(dn_string);
Attribute passwordAttribute = new BasicAttribute(passwordAttr,
newPassword);
ModificationItem[] modificationItems = new ModificationItem[1];
modificationItems[0] = new ModificationItem(
DirContext.REPLACE_ATTRIBUTE, passwordAttribute);
/*
Attribute userPasswordChangedAttribute = new BasicAttribute(
LDAP_PASSWORD_CHANGE_DATE, format.format(convertToUtc(null)
.getTime()) + "Z");
ModificationItem newPasswordChanged = new ModificationItem(
DirContext.REPLACE_ATTRIBUTE, userPasswordChangedAttribute);
modificationItems[1] = newPasswordChanged;
*/
getLdapTemplate().modifyAttributes(dn, modificationItems);
I prefered this method since the version I am using of spring security ldap is not using the password overlay to change the password, for more consistency with it, otherwise, if you are using a more recent version of spring security ldap, prefer the second way of doing it.