This page last changed on Jun 18, 2010 by gcheck.

This page describes a way of preventing your user from changing their passwords. In this way, you can ensure that all passwords are only set from Confluence Admin.

Customisations are not supported
Note that Atlassian support does not cover customisations to Velocity files, such as those described on this page.
LDAP Passwords are not set by Confluence
Note that Confluence does not manage LDAP Users.
All files should be located under <confluence-home>\confluence\users.

Removing the User Password Option.

To remove the option that allows people to select a new password, you will need to edit the Velocity template (.vm file) as described below.

  1. Locate your changemypassword.vm file under
    <confluence_home>\confluence\users\changemypassword.vm
  2. Edit this file with your favorite editor, such as Wordpad, Notepad or Notepad++ (recommended). The file looks something like this:

<html>
<head>
<title>$generalUtil.htmlEncode($pageTitle)</title>
#requireResource("confluence.web.resources:aui-forms")
</head>

#applyDecorator("root")
#decoratorParam("context" "profile")
#decoratorParam("mode" "edit-profile")
#decoratorParam("helper" $action.helper)

<body>

<div class="padded">
#if ($settingsManager.getGlobalSettings().isExternalUserManagement())
$action.getText("cannot.change.password.users.outside")
#elseif(!$userAccessor.isReadOnly($remoteUser))
#applyDecorator("form-aui")
#decoratorParam("formName" "changepassword")
#decoratorParam("submitAction" "dochangemypassword.action")
#decoratorParam("editAction" "changemypassword.action")
#decoratorParam("editMode" "$editMode")
#decoratorParam("saveValue" "Save")
#form_xsrfToken()

<fieldset>
#tag( "Password" "label='cur.pass.name'" "name='currentPassword'" "theme='aui'")
#tag( "Password" "label='new.pass.name'" "name='newPassword'" "theme='aui'")
#tag( "Password" "label='new.pass.confirm.name'" "name='newPasswordConfirmation'" "theme='aui'")
#tag( "Submit" "theme='aui'" "name='Test'")
</fieldset>
#end
#end
</div>
</body>

#end
</html>

  1. Add a comment, as shown below, replacing the block that starts with "<fieldset..." and ends with "</fieldset>". After the edit, you should have something like this:

<html>
<head>
<title>$generalUtil.htmlEncode($pageTitle)</title>
#requireResource("confluence.web.resources:aui-forms")
</head>

#applyDecorator("root")
#decoratorParam("context" "profile")
#decoratorParam("mode" "edit-profile")
#decoratorParam("helper" $action.helper)

<body>

<div class="padded">
#if ($settingsManager.getGlobalSettings().isExternalUserManagement())
$action.getText("cannot.change.password.users.outside")
#elseif(!$userAccessor.isReadOnly($remoteUser))
#applyDecorator("form-aui")
#decoratorParam("formName" "changepassword")
#decoratorParam("submitAction" "dochangemypassword.action")
#decoratorParam("editAction" "changemypassword.action")
#decoratorParam("editMode" "$editMode")
#decoratorParam("saveValue" "Save")
#form_xsrfToken()

<h1>Dear User,</h1><br>
<p><font size="3" color="red">You cannot change your password, this is disabled.<br>
Please continue to use your actual password<br>
If you have any complains contact the Admin.<br>
Regards your Admin.<br></font></p>

#end
#end
</div>
</body>

#end
</html>

  1. Save the file. You can reload your page and see the changes. There is no need to restart Confluence.

After following the above steps, you will have something like this:

Congratulations, that's it
Have a candy!

changepassword.jpg (image/jpeg)
Document generated by Confluence on Mar 16, 2011 18:50