I am trying to do a change password request using the Jackrabbit User Manager with the REST URL /system/userManager/user/<username>.changePassword.json. The problem I am having is that this request requires an oldPwd form param in the request. The issue is that when I am trying to do this request it is in response to the user selecting "Forgot Password" so our logic has created a random password which we then email to the user so they can use that the next time they want to login. We need to change that user's password in CRX so they can log in using it next time. Since they haven't logged in there is no session, NOT the problem. THE PROBLEMS, I don't know 1. how to use the userManager to get that user's old password, since /system/userManager/user/<username>.json doesn't appear to return the password and 2. if I could get the old password it most certainly will be encoded, some how, so I will need some decoding algorithm to pass it through in order to get the actual password to set as the oldPwd form param to my change password request. Please let me know if you require any further explanation. Any assistance would be greatly appreciated. Thank you, in advance, for your assistance.
Sincerely,
Mike Sucena