Function to confirm current users password

I have approval processes where I have a requirement for the user to enter their password to confirm their identity when making a change of approval status (so someone else at their logged-in workstation hasn't made the change in their absence). Mx obviously has a function to confirm the password used when you initially log in - is there similar functionality available for an already logged-in user. I would like the function to return a boolean value that I can use in workflow, if the value entered is incorrect, I do NOT wish to log out the current user, and I do not wish to store encrypted copies of password strings anywhere. If I have LDAP authentication, I want it to check against the LDAP login. I know something like what I want must exist in Mx for the initial login process, but is it exposed as a function I can access?
2 answers

Using a Java action and looking at the Mendix API Javadoc, it seems you can do something like this (didn't test it):

import com.mendix.core.Core;
import com.mendix.systemwideinterfaces.core.IContext;
import com.mendix.systemwideinterfaces.core.IUser;
import com.mendix.systemwideinterfaces.core.UserAction;

public class AuthenticateCurrentUser extends UserAction<Boolean>
    private String password;

    public AuthenticateCurrentUser(String password)
        this.password = password;

    public Boolean executeAction() throws Exception
        // BEGIN USER CODE

        final IContext context = this.getContext();
        final IUser user = context.getSession().getUser();

        return Core.authenticate(context, user, this.password);

        // END USER CODE

Note that this requires Mendix version 2.5, as the authenticate method wasn't available in 2.4.


Use the inbuilt java action System.VerifyPassword.