>>>>Hi,
>>>>
>>>>is there a UI built into the framework to allow a user to change their password?
>>>
>>>Not a built in UI for that, but you can implement a form to do it easy enough.
>>>Tim
>>
>>Tim,
>>
>>I need a nudge in the right direction, please. I can't find any reference in the help file as to how to access the currently logged in User. I am assuming that one exists. I need this so that I can authenticate the user against the entered password before allowing the password to be changed. I figured I'd need something like this:
>>
>>

if oCurrentUser.Authenticate(password)
>>   // then I can change the password (after other checks of course

>
>Hi Frank,
>
>The current user is stored in a session object as mmUserSecurity_UserPK
>Here is some code I have in one page I did a long time ago to display the current user in the page.
>
>

>object UserPk = Session["mmUserSecurity_UserPk"];
>
>DataSet dsUser = mmAppBase.SecurityMgr.oUser.GetUserByPK(UserPk);
>string userFirstName = dsUser.Tables[0].Rows[0]["FirstName"].ToString();
>string userLastName = dsUser.Tables[0].Rows[0]["LastName"].ToString();
>
>this.lblCurrentMember.Text = "Welcome: " + userFirstName + " " + userLastName;
>

>
>The other thing is protect or secure the page to change their password so they can't do it unless they are already authenticated. Then make them enter the old password and the new one twice. That way you have lots of checks to make sure you are changing the correct user and password.
>Tim

Thanks Tim,

I have the page protected and force them to enter the old password and the new one twice. Thanks to the Session["mmUserSecurity_UserPk"] I can now verify the old password, but how do I save the new one? I assume I need to store the session back with the new password, but I don't see how I save a DataSet. Do I need to create a user business object, populate it with the data from the session, change the password and then save the BO? Or is there another way?