5 User Management Model ToC Previous

5.2 UserManagementType ToC Previous Next

5.2.8 ChangePassword Method ToC Previous Next

This Method is used to change the password of the user for the Session used to call the Method. The Method shall fail with Bad_InvalidState if the user token type for the Session is not USERNAME.

Even if the Method is not browsable through a hierarchy for the Session user, it shall be accessible and callable by the Session user with the well defined NodeIds for the UserManagement Object and the ChangePassword Method.

This Method affects security and shall only be browseable and callable through an encrypted channel. It shall be callable by the Session user if the user token type for the Session is not USERNAME, even if the Role for the user is Anonymous.

Signature

ChangePassword (
[in]	String 		OldPassword,
[in]	String 		NewPassword
);

Argument Description
OldPassword The old password for the Session user.
NewPassword    The new password for the Session user. It is receommended that the user interface for entering the new password requires to enter the password twice to avoid typos.The Server can apply additional restrictions to the accepted password in addition to the one indicated by PasswordOptionMask.

Method Result Codes

ResultCode Description
Bad_IdentityTokenInvalid The old password is not valid.
Bad_OutOfRange The new password is outside the valid range of accepted length and characters.
Bad_InvalidState The caller is not authenticated with a USERNAME user token.
Bad_NotSupported The password cannot be changed due to NoChangeByUser user configuration mask setting.
Bad_SecurityModeInsufficient The communication channel is not using encryption.
Bad_BadAlreadyExists The new password matches the old password.

Previous Next