In the process of requiring a user to set a new password, I use this code:

        new RunAsOperation() {

            @Override
            public void execute() {
                try {
                    identityManager.changePassword(email, password);
                }
                catch (Exception e) {
                    log.error("change password error " + e.getCause());
                }
            }
        }.addRole("admin").execute();

changePassword throws a NotLoggedIn exception, but I don't see why. Should a user be logged in in order for them to change their password, when they have the "admin" role? I added identity.login() to the code, to no avail.