Index: forgon-core/src/main/java/com/forgon/security/action/UserAction.java
===================================================================
diff -u -r22164 -r22262
--- forgon-core/src/main/java/com/forgon/security/action/UserAction.java	(.../UserAction.java)	(revision 22164)
+++ forgon-core/src/main/java/com/forgon/security/action/UserAction.java	(.../UserAction.java)	(revision 22262)
@@ -1,5 +1,7 @@
 package com.forgon.security.action;
 
+import java.io.IOException;
+
 import net.sf.json.JSONArray;
 import net.sf.json.JSONObject;
 
@@ -36,6 +38,25 @@
 		this.userManager = userManager;
 	}
 
+	/**
+	 * 根据用户id判断是否已经修改密码
+	 */
+	public String isUnmodifiedPwdByUser(){
+		StrutsParamUtils.getResponse().setCharacterEncoding("utf8");
+		User user = userManager.getCurrentUser();
+		Boolean flag = false;
+		if(user != null){
+			flag = user.getIsUnmodifiedPwd();
+		}
+		try {
+			StrutsParamUtils.getResponse().getWriter().print("{success:true,message:"+ flag +"}");
+		} catch (IOException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+		return null;
+	}
+	
 	public void loadUsersBySearchString() {
 		String searchString = StrutsParamUtils.getPraramValue("spell", "");
 		String orgUnitCoding = AcegiHelper.getLoginUser().getCurrentOrgUnitCode();
Index: ssts-web/src/main/webapp/js/common.js
===================================================================
diff -u -r22157 -r22262
--- ssts-web/src/main/webapp/js/common.js	(.../common.js)	(revision 22157)
+++ ssts-web/src/main/webapp/js/common.js	(.../common.js)	(revision 22262)
@@ -1992,7 +1992,7 @@
  * @return
  */
 function testPasswordReg(pwd){
-	if(pwd.length<8||!/[0-9]+/.test(pwd)||!/[a-zA-Z]+/.test(pwd)){
+	if(pwd.length<6||!/[0-9]+/.test(pwd)||!/[a-zA-Z]+/.test(pwd)){
 		return true;
 	}
 	return false;
Index: forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java
===================================================================
diff -u -r12335 -r22262
--- forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java	(.../PersonalSettingAction.java)	(revision 12335)
+++ forgon-core/src/main/java/com/forgon/directory/action/PersonalSettingAction.java	(.../PersonalSettingAction.java)	(revision 22262)
@@ -45,28 +45,35 @@
 	public void setNewPassword(String newPassword) {
 		this.newPassword = newPassword;
 	}
-	
 	public String save() {
+		HttpServletResponse response = StrutsParamUtils.getResponse();
+		response.setCharacterEncoding("UTF-8");
 		Long id = AcegiHelper.getLoginUser().getUserId();
-		
 		User user = personalSettingManager.getUserByproperty("id", id);
-		PasswordEncoder passwordEncoder = new Md5PasswordEncoder();
-		boolean passwdEquals = user.getPasswd().equals(passwordEncoder.encodePassword(oldPassword, null));
-		if(passwdEquals){
-			user.setPasswd(newPassword);
-			try{
-				personalSettingManager.modifyPersonalPassWord(user);
-			}catch (Exception e) {
-				passwdEquals = false;
+		if(newPassword.length()<6){
+			try {
+				response.getWriter().print("{success:false,message:'新的密码至少6位，请重新设置！'}");
+			} catch (IOException e) {
+				// TODO Auto-generated catch block
+				e.printStackTrace();
 			}
+		}else{
+			PasswordEncoder passwordEncoder = new Md5PasswordEncoder();
+			boolean passwdEquals = user.getPasswd().equals(passwordEncoder.encodePassword(oldPassword, null));		
+			if(passwdEquals){
+				user.setIsUnmodifiedPwd(true);
+				user.setPasswd(newPassword);
+				try{
+					personalSettingManager.modifyPersonalPassWord(user);
+				}catch (Exception e) {
+					passwdEquals = false;
+				}
+			}
+			try {
+				response.getWriter().print("{success:"+passwdEquals+"}");
+			} catch (IOException e) {
+			}
 		}
-		
-		HttpServletResponse response = StrutsParamUtils.getResponse();
-		try {
-			response.setCharacterEncoding("UTF-8");
-			response.getWriter().print("{success:"+passwdEquals+"}");
-		} catch (IOException e) {
-		}
 		return null;
 	}
 	
Index: forgon-core/src/main/java/com/forgon/security/service/UserManager.java
===================================================================
diff -u -r22164 -r22262
--- forgon-core/src/main/java/com/forgon/security/service/UserManager.java	(.../UserManager.java)	(revision 22164)
+++ forgon-core/src/main/java/com/forgon/security/service/UserManager.java	(.../UserManager.java)	(revision 22262)
@@ -90,4 +90,10 @@
 	 * @return
 	 */
 	public Set<Role> getAllRolesByUser(User user);
+	
+	/**
+	 * 获取当前登录用户，以获取当前用户是否已经修改过密码
+	 * @return
+	 */
+	public User getCurrentUser();
 }
Index: ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByExt.js
===================================================================
diff -u -r12331 -r22262
--- ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByExt.js	(.../showModifyPWDWindowByExt.js)	(revision 12331)
+++ ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByExt.js	(.../showModifyPWDWindowByExt.js)	(revision 22262)
@@ -62,10 +62,10 @@
 			return false;
 		}
 		//暂时屏蔽验证复杂密码
-		if (false && testPasswordReg(Ext.getCmp('newPassword').getValue())) {
+		if (testPasswordReg(Ext.getCmp('newPassword').getValue())) {
 			Ext.MessageBox.show({
 				title : '错误提示',
-				msg : '密码必须是数字与字母组合，长度不小于8！',
+				msg : '密码必须是数字与字母组合，长度不小于6！',
 				buttons : Ext.Msg.OK,
 				icon : Ext.Msg.ERROR
 			});
Index: forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java
===================================================================
diff -u -r22164 -r22262
--- forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java	(.../UserManagerImpl.java)	(revision 22164)
+++ forgon-core/src/main/java/com/forgon/security/service/UserManagerImpl.java	(.../UserManagerImpl.java)	(revision 22262)
@@ -25,6 +25,7 @@
 import com.forgon.directory.model.BarcodeDevice;
 import com.forgon.directory.model.OrgUnit;
 import com.forgon.directory.model.OrgUserRelation;
+import com.forgon.directory.vo.LoginUserData;
 import com.forgon.security.model.Operation;
 import com.forgon.security.model.Role;
 import com.forgon.security.model.User;
@@ -154,8 +155,8 @@
 	}
 	@Override
 	public void save(User user) {
+		PasswordEncoder passwordEncoder = new Md5PasswordEncoder();
 		if (StringUtils.isNotEmpty(user.getPasswd())) {
-			PasswordEncoder passwordEncoder = new Md5PasswordEncoder();
 			user.setPasswd(passwordEncoder.encodePassword(user.getPasswd(),
 					null));
 		}
@@ -435,6 +436,7 @@
 
 			// 默认密码为1
 			user.setPasswd("1");
+			user.setIsUnmodifiedPwd(false);
 			user.setType(BarcodeDevice.BARCODE_TYPE_USER);
 			user.setBarcode(serialNumManager.getSerialNumberStr(SerialNum.TYPE_BARCODE));
 			
@@ -571,5 +573,12 @@
 		}
 		return null;
 	}
+
+	@Override
+	public User getCurrentUser() {
+		LoginUserData userData = AcegiHelper.getLoginUser();
+		User user = (User) objectDao.getByID_ForUpdate(User.class.getSimpleName(), userData.getUserId());
+		return user;
+	}
 	
 }
Index: ssts-web/src/main/webapp/systemmanage/adminModifyPWDByExt.js
===================================================================
diff -u -r12331 -r22262
--- ssts-web/src/main/webapp/systemmanage/adminModifyPWDByExt.js	(.../adminModifyPWDByExt.js)	(revision 12331)
+++ ssts-web/src/main/webapp/systemmanage/adminModifyPWDByExt.js	(.../adminModifyPWDByExt.js)	(revision 22262)
@@ -7,17 +7,17 @@
         return false;
     }
     //暂时屏蔽验证复杂密码
-	if(false && testPasswordReg(newPassword)){
-		alert("密码必须是数字与字母组合，长度不小于8");
+	if(testPasswordReg(newPassword)){
+		alert("密码必须是数字与字母组合，长度不小于6");
 		return false;
 	}
     if (confirmNewPassword == ""){
         alert('请输入确认新密码！');
         return false;
     }
      //暂时屏蔽验证复杂密码
-    if(false && testPasswordReg(newPassword)){
-		alert("密码必须是数字与字母组合，长度不小于8");
+    if(testPasswordReg(newPassword)){
+		alert("密码必须是数字与字母组合，长度不小于6");
 		return false;
 	}
     if (newPassword != confirmNewPassword) {
Index: ssts-web/src/main/webapp/personalSetting/modifyPWDByExt.js
===================================================================
diff -u -r12331 -r22262
--- ssts-web/src/main/webapp/personalSetting/modifyPWDByExt.js	(.../modifyPWDByExt.js)	(revision 12331)
+++ ssts-web/src/main/webapp/personalSetting/modifyPWDByExt.js	(.../modifyPWDByExt.js)	(revision 22262)
@@ -60,8 +60,8 @@
     		return false;
     	}
     	//暂时屏蔽验证复杂密码
-    	if(false && testPasswordReg(Ext.getCmp('newPassword').getValue())){
-    		Ext.MessageBox.show({title:'错误提示', msg:'密码必须是数字与字母组合，长度不小于8！',buttons:Ext.Msg.OK,icon:Ext.Msg.ERROR});
+    	if(testPasswordReg(Ext.getCmp('newPassword').getValue())){
+    		Ext.MessageBox.show({title:'错误提示', msg:'密码必须是数字与字母组合，长度不小于6！',buttons:Ext.Msg.OK,icon:Ext.Msg.ERROR});
     		return false;
     	}
     	if(Ext.getCmp('newPassword').getValue() != Ext.getCmp('confirmNewPassword').getValue()){
Index: ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByUnmodified.js
===================================================================
diff -u
--- ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByUnmodified.js	(revision 0)
+++ ssts-web/src/main/webapp/personalSetting/showModifyPWDWindowByUnmodified.js	(revision 22262)
@@ -0,0 +1,151 @@
+function showModifyPWDWindowByUnmodified() {
+	var formObj = new Ext.FormPanel({
+		labelAlign : 'left',
+		frame : true,
+		labelSeparator : '：',
+		bodyStyle : 'padding:5px 5px 0px 25px',
+		width : 400,
+		labelWidth : 80,
+		items : [{
+			xtype : 'textfield',
+			fieldLabel : '旧密码',
+			inputType : 'password',
+			name : 'oldPassword',
+			id : 'oldPassword',
+			width : 250,
+			allowBlank : false,
+			blankText : '请输入旧密码！',
+			msgTarget : 'side'
+		}, {
+			xtype : 'textfield',
+			fieldLabel : '新密码',
+			inputType : 'password',
+			name : 'newPassword',
+			id : 'newPassword',
+			width : 250,
+			allowBlank : false,
+			blankText : '请输入新密码！',
+			msgTarget : 'side'
+		}, {
+			xtype : 'textfield',
+			fieldLabel : '确认新密码',
+			inputType : 'password',
+			name : 'confirmNewPassword',
+			id : 'confirmNewPassword',
+			width : 250,
+			allowBlank : false,
+			blankText : '请输入确认新密码！',
+			msgTarget : 'side'
+		}],
+
+		buttons : [{
+			id : 'saveBtn',
+			text : '确认',
+			handler : save
+		}, {
+			text : '取消',
+			handler : function(){Ext.getCmp('modifyPWDWindow').close();}
+		}]
+	});
+
+	function save() {
+		if (!formObj.form.isValid()) {
+			Ext.MessageBox.show({
+				title : '错误提示',
+				msg : '请正确填写表单各值。',
+				buttons : Ext.Msg.OK,
+				icon : Ext.Msg.ERROR
+			});
+			return false;
+		}
+		if (testPasswordReg(Ext.getCmp('newPassword').getValue())) {
+			Ext.MessageBox.show({
+				title : '错误提示',
+				msg : '密码必须是数字与字母组合，长度不小于6！',
+				buttons : Ext.Msg.OK,
+				icon : Ext.Msg.ERROR
+			});
+			return false;
+		}
+		if (Ext.getCmp('newPassword').getValue() != Ext
+				.getCmp('confirmNewPassword').getValue()) {
+			Ext.MessageBox.show({
+				title : '错误提示',
+				msg : '新密码与确认新密码不一致，请重新填写！',
+				buttons : Ext.Msg.OK,
+				icon : Ext.Msg.ERROR
+			});
+			return false;
+		}
+		formObj.form.submit({
+			url : WWWROOT + '/personalSetting/modifyPWDByExt/save.do',
+			method : 'POST',
+			waitMsg : '正在修改密码，请稍候',
+			waitTitle : '修改密码',
+			success : function(form, action) {
+				if (action.result && action.result.success) {
+					alert("修改密码成功，退出返回登录页面！");
+					logout(WWWROOT);
+				} else {
+					Ext.MessageBox.show({
+						title : '错误提示',
+						msg : '修改密码失败！',
+						buttons : Ext.Msg.OK,
+						icon : Ext.Msg.ERROR
+					});
+				}
+			},
+			failure : function(form, action) {
+				if(action.result.message){
+					alert(action.result.message);
+				}else{
+					Ext.MessageBox.show({
+						title : '错误提示',
+						msg : '旧密码不正确，请重新填写！',
+						buttons : Ext.Msg.OK,
+						icon : Ext.Msg.ERROR
+					});
+				}
+			}
+		});
+	}
+	
+	var window = new Ext.Window( {
+		id : 'modifyPWDWindow',
+		layout : 'fit',
+		title : '修改密码',
+		width : 410,
+		height : 180,
+		modal : true,
+		border : false,
+		plain : true,
+		modal:true,
+		closeAction:'close',
+		items : [ formObj ],
+		listeners: {
+	        beforeClose: function (sender, handlers) {
+	        	/**
+	        	 * ajax异步请求后台，当前用户是否已经修改密码
+	        	 */
+	        	Ext.Ajax.request({
+	                url : WWWROOT + '/systemmanage/user/userAction!isUnmodifiedPwdByUser.do',
+	                success : function(response, options){
+	                	var result = Ext.decode(response.responseText, true);
+	        			if(!result.message){//没有修改
+	        				alert("没有修改密码，退出返回登录页面！");
+	    					logout(WWWROOT);
+	        			} 
+	                },
+	                failure : function(response, options){
+	                },
+	                method : 'POST',
+	                params : {}
+	           });
+	        }
+		}
+	});
+	
+	window.show();
+	top.Ext.getCmp("oldPassword").focus(false, 100);
+
+}
Index: ssts-web/src/main/webapp/homepage/portalPage.jsp
===================================================================
diff -u -r22216 -r22262
--- ssts-web/src/main/webapp/homepage/portalPage.jsp	(.../portalPage.jsp)	(revision 22216)
+++ ssts-web/src/main/webapp/homepage/portalPage.jsp	(.../portalPage.jsp)	(revision 22262)
@@ -344,6 +344,7 @@
 <script type="text/javascript" src="${ctx}/js/ui.js"></script>
 <script type="text/javascript" src="portalPage.js"></script>
 <script type="text/javascript" src="${ctx}/personalSetting/showModifyPWDWindowByExt.js"></script>
+<script type="text/javascript" src="${ctx}/personalSetting/showModifyPWDWindowByUnmodified.js"></script>
 <!-- alertDiv样式 -->
  <style>
 .lightbox{width:270px;height:180px;background:#FFFFFF;border:5px solid #ccc;line-height:18px;display:none; margin:0;}
Index: forgon-core/src/main/java/com/forgon/directory/action/UserAction.java
===================================================================
diff -u -r22164 -r22262
--- forgon-core/src/main/java/com/forgon/directory/action/UserAction.java	(.../UserAction.java)	(revision 22164)
+++ forgon-core/src/main/java/com/forgon/directory/action/UserAction.java	(.../UserAction.java)	(revision 22262)
@@ -93,10 +93,9 @@
 	}
 
 	public User getModel() {
-
 		return user;
 	}
-
+	
 	/**
 	 * 保存参数设置.
 	 * 
Index: ssts-web/src/main/webapp/homepage/portalPage.js
===================================================================
diff -u -r22154 -r22262
--- ssts-web/src/main/webapp/homepage/portalPage.js	(.../portalPage.js)	(revision 22154)
+++ ssts-web/src/main/webapp/homepage/portalPage.js	(.../portalPage.js)	(revision 22262)
@@ -415,6 +415,23 @@
 	});
 	store.load();
 	windowOnLoaded = true;
+	
+	/**
+	 * ajax异步请求后台，当前用户是否已经修改密码
+	 */
+	Ext.Ajax.request({
+        url : WWWROOT + '/systemmanage/user/userAction!isUnmodifiedPwdByUser.do',
+        success : function(response, options){
+        	var result = Ext.decode(response.responseText, true);
+			//没有修改
+        	if(!result.message)
+        		showModifyPWDWindowByUnmodified();
+        },
+        failure : function(response, options){
+        },
+        method : 'POST',
+        params : {}
+   });
 });
 
 function initTipPosition(){