grealish / pwm

Automatically exported from code.google.com/p/pwm

ChangePasswordServlet: Enforce minimum password life time and Current Password Required issue #401

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. Set the challenge.enforceMinimumPasswordLifetime to false
2. Set the password.change.requireCurrent to NOTEXPIRED
3. Try to use the forgotten password module

What is the expected output? What do you see instead?
After answering the Challenges, I would expect that I'm allowed to change my
password although the Minimum Password Life Time is not met. Instead I get a
PWM error: 4033 PASSWORD_TOO_SOON

Proposed solution
The ChangePasswordServlet contains logic for the check on
challenge.enforceMinimumPasswordLifetime, but it was commented out. I've
re-enabled that code. Also, determineIfCurrentPasswordRequired did not have
the correct logic if password.change.requireCurrent == NOTEXPIRED.

Original issue reported on code.google.com by sebastia...@gmail.com on 30 May 2013 at 10:46

GoogleCodeExporter commented 9 years ago
Attached a patch against trunk

Original comment by sebastia...@gmail.com on 30 May 2013 at 10:48

GoogleCodeExporter commented 9 years ago
Should be addressed in revision 571, however many other changes were made as 
well.  Please retest and re-open if you still have this bug.

Original comment by jrivard on 5 Jun 2013 at 7:58