OpenWGA 7.0 - TMLScript reference

Auth
Method :

changeSessionPassword(newPassword)

On object Auth
Usage Changes the users password on the current web session
Description This method should be used on "password self service" applications where users are able to change their login password on the authentication backend. After that is done his old password, which he has used before to login to the system, is still stored and present on his web session but no longer matches the changed password.

Calling this method after the password change will also change the stored password on the web session and therefor prevent the user from being logged out.

For backward compatibility there still is a method "changeSessionPassword()" available on TMLContext whose use is discouraged since OpenWGA 5.3.

Parameters newPassword (String):
The new password
Allowed in script types
  • WebTML pages and normal WebTML actions
Examples The following script stores a form to a user definition document of an authentication content store which is effectively going to change the password of this user. The user himself is going to trigger this script, therefor his session password is to be changed too.

Therefor the method changeSessionPassword() is used here. It retrieves the new password from the WebTML form object as field "newpassword". It uses the entered value of that password because the parsed value may already be password-hashed for storage and may no longer be the original password.

<tml:action id="save">
if (tmlform.storeInContent()) {
    WGA.domain("default").auth().changeSessionPassword(tmlform.enteredValue("newpassword"));
}
</tml:action>