From 6e88703af42520c4cdfc71930f443523f55966d6 Mon Sep 17 00:00:00 2001
From: Mike McKay <mfmckay@wustl.edu>
Date: Mon, 30 May 2016 16:17:25 -0500
Subject: [PATCH] Made changes to require salted preference take effect.

---
 .../java/org/nrg/xnat/security/XnatExpiredPasswordFilter.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/org/nrg/xnat/security/XnatExpiredPasswordFilter.java b/src/main/java/org/nrg/xnat/security/XnatExpiredPasswordFilter.java
index 90847a01..e6be0dbd 100644
--- a/src/main/java/org/nrg/xnat/security/XnatExpiredPasswordFilter.java
+++ b/src/main/java/org/nrg/xnat/security/XnatExpiredPasswordFilter.java
@@ -183,8 +183,8 @@ public class XnatExpiredPasswordFilter extends GenericFilterBean {
                         chain.doFilter(req, res);
                     } else if (user.isEnabled()) {
                         boolean isExpired = checkForExpiredPassword(user);
-
-                        if ((!isUserNonExpiring(user) && isExpired) || (_initializerPreferences.getRequireSaltedPasswords() && user.getSalt() == null)) {
+                        boolean requireSalted = useSiteConfigPrefs? XDAT.getSiteConfigPreferences().getRequireSaltedPasswords() : _initializerPreferences.getRequireSaltedPasswords();
+                        if ((!isUserNonExpiring(user) && isExpired) || (requireSalted && user.getSalt() == null)) {
                             request.getSession().setAttribute("expired", isExpired);
                             response.sendRedirect(TurbineUtils.GetFullServerPath() + changePasswordPath);
                         } else {
-- 
GitLab