@Override
public int updatePassword(String sourcePassword, String newPassword, String confirPassword) {
// 参数校验
if(sourcePassword == null ||" " .equals(sourcePassword))
throw new IllegalArgumentException("初始密码不能为空");
if (newPassword ==null || "" .equals(newPassword))
throw new IllegalArgumentException("新密码不能为空");
if(!newPassword.equals(confirPassword))
throw new IllegalArgumentException("前后输出的两次明码不同");
SysUser principal = (SysUser) SecurityUtils.getSubject().getPrincipal();
SimpleHash sh = new SimpleHash("MD5", sourcePassword, principal.getSalt(), 1);
if (!principal.getPassword().equals(sh.toHex()))
throw new IllegalArgumentException("原始明码不正确");
~~~~
String newSalt = UUID.randomUUID().toString();
sh = new SimpleHash("MD5",newPassword,newSalt,1);
String newHashedPassword = sh.toHex();
int rows = sysUserDao.updatePassword(newHashedPassword, newSalt, principal.getId());
return rows;