Index: lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java
===================================================================
RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java,v
diff -u -r1.14.2.7 -r1.14.2.8
--- lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java	29 Nov 2016 10:23:21 -0000	1.14.2.7
+++ lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java	30 Nov 2016 03:24:25 -0000	1.14.2.8
@@ -38,6 +38,7 @@
 import org.lamsfoundation.lams.util.CentralConstants;
 import org.lamsfoundation.lams.util.HashUtil;
 import org.lamsfoundation.lams.util.MessageService;
+import org.lamsfoundation.lams.util.ValidationUtil;
 import org.lamsfoundation.lams.util.audit.IAuditService;
 import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.support.WebApplicationContextUtils;
@@ -107,6 +108,11 @@
 			errors.add("password", new ActionMessage("error.password.empty"));
 			PasswordChangeAction.log.debug("new password cannot be empty");
 		    }
+		    if (!ValidationUtil.isPasswordValueValid(password, passwordConfirm)) {
+			errors.add("password", new ActionMessage("label.password.restrictions"));
+			PasswordChangeAction.log.debug("Password must follow the restrictions");
+		    }
+
 		    if (errors.isEmpty()) {
 			String salt = HashUtil.salt();
 			user.setSalt(salt);
@@ -142,7 +148,7 @@
 	    // If no input page, use error forwarding
 	    return (mapping.findForward("error.system"));
 	}
-	request.setAttribute("redirectURL",passwordChangeForm.getRedirectURL());
+	request.setAttribute("redirectURL", passwordChangeForm.getRedirectURL());
 	return mapping.findForward("okay");
 
     }