Index: openacs-4/packages/acs-authentication/tcl/password-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/tcl/password-procs.tcl,v
diff -u -r1.7 -r1.8
--- openacs-4/packages/acs-authentication/tcl/password-procs.tcl	25 Sep 2003 17:17:17 -0000	1.7
+++ openacs-4/packages/acs-authentication/tcl/password-procs.tcl	29 Sep 2003 09:49:40 -0000	1.8
@@ -117,11 +117,15 @@
     switch $result(password_status) {
         ok {
             # Invalidate existing login tokens sitting on random other browsers out there
+            set connection_user_id [ad_conn user_id]
+
             sec_change_user_auth_token $user_id
-            
-            # Refresh the current user's cookies, so he doesn't get logged out
-            ad_user_login -account_status [ad_conn account_status] $user_id
-            
+
+            # Refresh the current user's cookies, so he doesn't get logged out, 
+            # if this user was logged in before changing password
+            if { [ad_conn isconnected] && $user_id == $connection_user_id } {
+                ad_user_login -account_status [ad_conn account_status] $user_id
+            }
         } 
         no_account - not_supported - old_password_bad - new_password_bad - change_error - failed_to_connect {
             if { ![exists_and_not_null result(password_message)] } {
Index: openacs-4/packages/acs-authentication/tcl/test/acs-authentication-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-authentication/tcl/test/acs-authentication-procs.tcl,v
diff -u -r1.28 -r1.29
--- openacs-4/packages/acs-authentication/tcl/test/acs-authentication-procs.tcl	19 Sep 2003 12:59:11 -0000	1.28
+++ openacs-4/packages/acs-authentication/tcl/test/acs-authentication-procs.tcl	29 Sep 2003 09:49:40 -0000	1.29
@@ -326,10 +326,15 @@
             # create user we'll use for testing
             set user_id [ad_user_new "test2@user.com" "Test" "User" "changeme" "no_question" "no_answer"]
 
+
+
             # password_status "ok"
             set old_password "changeme"
             set new_password "changedyou"
-            array set auth_info [auth::password::change -user_id $user_id -old_password $old_password -new_password $new_password]
+            array set auth_info [auth::password::change \
+                                     -user_id $user_id \
+                                     -old_password $old_password \
+                                     -new_password $new_password]
             aa_equals "Should return 'ok'" \
                 $auth_info(password_status) \
                 "ok"