[399306] [Security] Add password managementbugs/399306

https://bugs.eclipse.org/bugs/show_bug.cgi?id=399306

Allow users that do not currently have a password to set a password.

1 files changed, 3 insertions, 6 deletions

diff --git a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java
index d110fbfc54..2fdd001f07 100644
--- a/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java
+++ b/plugins/org.eclipse.emf.cdo.net4j/src/org/eclipse/emf/cdo/internal/net4j/protocol/ChangeCredentialsIndication.java
@@ -92,10 +92,7 @@ public class ChangeCredentialsIndication extends IndicationWithMonitoring
       }
 
       String authUserID = credentials.getUserID();
-      if (StringUtil.isEmpty(authUserID))
-      {
-        throw new IllegalStateException("No userID provided"); //$NON-NLS-1$
-      }
+      // don't require the current credentials because the user may not have any, yet
 
       String authPassword = new String(credentials.getPassword());
       if (StringUtil.isEmpty(authPassword))
@@ -123,8 +120,8 @@ public class ChangeCredentialsIndication extends IndicationWithMonitoring
       case RESET_PASSWORD:
         stream.writeString(authUserID);
         stream.writeString(authPassword);
-      stream.writeString(userID);
-      stream.writeString(newPassword);
+        stream.writeString(userID);
+        stream.writeString(newPassword);
         break;
       }