Ok, I remember, we fixed the bug in LSE 2.3.2, and unfortunately is not available yet it LSC 2.3
To fix it go in the file LS_ROOT/Src/LS-Client/Default-WebApp/WEB-INF/src/java/org/libresource/web/controllers/membership/EditProfileController.java
and fix the bottom of the file to make it look like this one
// authentification part
String newPass1 = request.getParameter("newpass1");
String newPass2 = request.getParameter("newpass2"); if ((newPass1 != null) && (newPass2 != null)
&& (newPass1.trim().length() > 0)
&& (newPass2.trim().length() > 0)) {
if (newPass1.equals(newPass2)) {
membershipService.editCasUser(user.getId(), newPass1);
if (kernelService.getConnectedResource().equals(user.getUri())) {
request.getSession().setAttribute("security_password",
newPass1);
}
}
} // clean cache
if (kernelService.getConnectedResource().equals(user.getUri())) {
request.getSession().removeAttribute("connectedUserCache");
}