Convergence - hide password change form

Similar Messages

• How to hide password in forms config file

  Hi
  Is there a way to hide the password in the forms config file?
  Regards,
  Néstor Boscán

  Hi,
  you cannot. For a future version we are condering password indirection, which is a feature of OC4J. However, until then the option to use is to implement Single Sign-On with Forms as this storeds username and password in OID
  Frank

• ORACLE Password Change using APEX FORM

  Greetings!
  I would like to find out, if there is a utility or a sample page that permits the Database password changes for the DB users within the Database. My goal is for users to maintain password using the Browser, instead of using SQL*Plus or similar Windows tools
  Thanks in advance for your help!
  Muni

  So if you and I can both authenticate to this application, we will necessarily have separate accounts, say in the Application Express account repository of that application's workspace. Our accounts will each have a password that is not synchronized with our database account password. The application will allow me (SCOTT) to change only the database account named SCOTT and will allow you (VIKAS) to change only the database account named VIKAS. That rule would make it unnecessary for the provided form to provide an input field for the database account name (it would be pre-populated). Unfortunately, the chosen authentication method requires each of us to remember our application password, and, if the application is built correctly, to remember our old database password as well. (Implementing that verification has its own issues.) If the application used LDAP then a mapping table would be needed to relate [email protected] to VIKAS. Every time a new database user needed the self-service password facility, a new user account (and a new password), and a new mapping table entry would have to be created. All of that complexity is eliminated if the application uses Database Account credentials authentication -- a new database user is created, the user can authenticate to the application and use it; the database user is removed, the user can no longer authenticate.
  Let's not confuse the aim of providing a self-service "change my database password" application (the original requirement) with the simpler task of providing a super-user-oriented database account management page (like we did in XE).
  Scott

• Form for password changing. code problem

  hi dears,
  i am using forms6i. i was making a form for password changing purpose. i've written this code this is successfully compiled but it is not changing the password. wil u plz tell me where is the problem.
  declare
       v_user varchar2(50);
       v_oldpassword varchar2(50);
       v_var2 varchar2(50);
       v_leng number(3);
  begin
       v_oldpassword := get_application_property(password);
       v_user:=user;
       v_var2:=upper(:password_old);
       if v_var2<>v_oldpassword then
       message ('Old Password Is Not Correct...');
       message ('Old Password Is Not Correct...');
       raise form_trigger_failure;
       end if;
       if :password1<>:password2 then
            message ('Typed Passwords Are Not The Same...');
            message ('Typed Passwords Are Not The Same...');
            raise form_trigger_failure;
       end if;
       v_leng:=length(:password2);
       if :password1=:password2 and v_leng<=3 then
       message ('Password Must Have Four Characters...');
       message ('Password Must Have Four Characters...');
            raise form_trigger_failure;
       end if;
       if v_var2=v_oldpassword and :password1=:password2 then
       FORMS_DDL('alter user ' || v_user || ' identified by ' ||:password.password2);
       message ('Password Is Changed... Please Restart The Oracle Applications...');
       end if;
  end;
  COMMIT;
  LOGOUT;
  thanks

  Hi dear,
  Please use this code to change your password:
  declare
  v_user varchar2(50);
  v_oldpassword varchar2(50);
  v_var2 varchar2(50);
  v_leng number(3);
  begin
  v_oldpassword := get_application_property(password);
  v_user:=user;
  v_var2:=upper(:password_old);
  v_leng:=length(:password2);
  if v_var2 != v_oldpassword then
  message ('Old Password Is Not Correct...');
  message ('Old Password Is Not Correct...');
  raise form_trigger_failure;
  elsif
  :password1 != :password2 then
  message ('Typed Passwords Are Not The Same...');
  message ('Typed Passwords Are Not The Same...');
  raise form_trigger_failure;
  elsif
  :password1=:password2 and nvl(v_leng,0) <=3 then
  message ('Password Must Have Four Characters...');
  message ('Password Must Have Four Characters...');
  raise form_trigger_failure;
  elsif
  v_var2 = v_oldpassword and :password1 = :password2 then
  FORMS_DDL('alter user ' || v_user || ' identified by ' ||:password.password2);
  message ('Password Is Changed... Please Restart The Oracle Applications...');
  end if;
  end;

• Changing expired password in forms 6.0

  I'm trying to offer a possibility to users to change their passwords.
  in forms they user is prompt to change is password, but after changes an validation the message FRM-10201 Impossible de changer le mot de passe (unable to change the password)
  When i try it on sql plus i got this :
  SQL> connect ntci/ntci@post
  ERREUR:
  ORA-28001: le mot de passe est expiré
  Modification de mot de passe pour ntci
  Ancien mot de passe : *****
  Erreur du système d'exploitation (Operating system error, password not modified)
  Mot de passe non modifié
  I dont know what is happening.
  Would you mind helping me

  Thank you for replying to my message.
  I've read in doc 52718.1 that from forms release 6.0 it is possible to handle this situation.
  After expiring the password an trying a connection, the system first prompt that the password is expired and ask for a password replacement but this never reach (the operating system error is raised).
  I'm using Forms 6.0 against Database 9.0.2..on windows XP client
  Maybe this could explain moore
  thank you once again

• How to implement Force password change during authentication

  Description of problem
  Our client requires web applications to support its internal security policy beyond
  normal authentication. This includes:
  - force password change periodically. This should be performed at logon time.
  - maintain password history so that a new password would not repeat any of its
  previous 15 changes.
  We already have an authentication server that satisfy these requirements. However,
  we would also like to base our solution on WebLogic security framework so that
  we can leverage the benefit of the container-managed declarative security (e.g.
  we don't need to use our special cookie to check whether a user is authenticated
  for every web page in the application). So the best scenario for us is to wrap
  up this authentication server using WLS 7.0 authentication SSPI.
  My initial investigation of WLS 7.0 security framework (based on edocs and the
  sample customer security provider codes) convinced me that overall, this is achievable.
  However, I am still left with quite a few questions, which I would like to get
  your help.
  Questions:
  1. (web container) The J2EE-standard container-based authentication is to specify
  <login-config> element. My understanding is that only FORM based authentication
  is applicable. The specified form elements:
  <form method="post" action="j_security_check">
  <INPUT TYPE="TEXT" NAME="j_username">
  <INPUT TYPE= "password" NAME="j_password">
  </form>
  is adequate for authentication. However, if the authentication service provider
  indicates that password change is needed, what would be the most appropriate way
  within WebLogic for the authentication service provider to pass such a flag to
  the web container know so that our application can access it? I guess, a simpler
  question, would be, using the standard <login-config>, webapp knows only about
  authentication fails or succeeds. Can it possibly know more information provided
  by the authentication service provider right after authentication?
  2) If we don't use standard FORM-based authentication, we will code up our own
  authentication control, which could give us a lot more flexibility, but can we
  then bind our Subject obtained through our authentication control to the WebLogic
  Subject that is running the webapp.
  3) (Authentication service provider) Our design is for the custom LoginModule
  to delegate login calls to the authentication server, and throws more refined
  exceptions such as: FailedLoginException, PasswordExpiredException, UserAccountLockedException
  (all subclassed from LoginException). Another approach is to provide detailed
  information such as password expired in callbacks. Either way, when Authentication
  service provider returns, how our web application can access this refined flag
  of authentication result.
  4) Can our customer authentication service provider use DataSource defined in
  a weblogic server? I ask this question because DataSource itself is a protected
  resource of WebLogic. Will referencing it during authentication initiate another
  authentication cycle?
  Can anyone who has experienced similar requirements and worked solutions please
  give me a hint? I appreciate your guidance.
  regards
  Licheng

  "Licheng" == Licheng <[email protected]> writes:
  Licheng> Description of problem
  Licheng> Our client requires web applications to support its internal security policy beyond
  Licheng> normal authentication. This includes:
  Licheng> - force password change periodically. This should be performed at logon time.
  Licheng> - maintain password history so that a new password would not repeat any of its
  Licheng> previous 15 changes.
  Licheng> ..
  Licheng> We already have an authentication server that satisfy these requirements. However,
  Licheng> we would also like to base our solution on WebLogic security framework so that
  Licheng> we can leverage the benefit of the container-managed declarative security (e.g.
  Licheng> we don't need to use our special cookie to check whether a user is authenticated
  Licheng> for every web page in the application). So the best scenario for us is to wrap
  Licheng> up this authentication server using WLS 7.0 authentication SSPI.
  I believe it's impractical to fit the requirement of forcing a password change
  into the standard JAAS interface.
  I think the only practical way to do this is to implement a servlet filter that
  reads the persistent record of the logged-in user to check for a "force change
  password flag". If it finds this, the servlet filter will forward to a page to
  change your password. Note that the servlet filter may be hit again when
  trying to get to the change password page, so it needs to know to not do the
  check in that case.
  If you implement this, I would strongly urge you to softcode the "change
  password" page URL in your system configuration, and not hardcode it in the
  servlet filter.
  ===================================================================
  David M. Karr ; Java/J2EE/XML/Unix/C++
  [email protected] ; SCJP; SCWCD

• *** How to get the username in a custom password change routine....

  How to get the username in a custom password change routine / procedure / form when a user's password has expired and is redirected automatically to this custom program?
  We use the 2nd parameter in LOGIN_URL column in WWSSO_LS_CONFIGURATION_INFO$ table to get to this custom change-password proc.

  OK !
  Use that maybe good :
  select USERID into v_user from sys.aud$
    where ntimestamp#=(
    select max(ntimestamp#)
    from sys.aud$ );

• Can we lock down user admin functionality to allow password changes only?

  Hi,
  Is it possible to lock down the user admin functionality so a specific role can only change passwords?
  We have a large user base of >10K infrequent users that are forced to change their passwords every 30 days. We suspect a lot will require password changes and we are keen to not have the tech team spending most of their time dealing with such requests. We would like to pass this task onto data management but not allow them the system administrator functionality.
  We know we can create a responsibility with a limited menu available so the operator can see only the security/user/define menu. But this will still allow the person to add responsibilities to existing user accounts and create new user accounts, both of which are deemed unacceptable security risks. Is it possible to lock down the form as well as the menu? Allowing operators to only change the password of existing users? Or can we use the custom.pll to error when a user tries to do anything except edit the password field when in this role?
  Thanks
  Matt

  You should be able to do that. You would create a new privilege level (ie 7), assign all commands to that level except (this is my guess) the command vpn-sessiondb, you would put that at a lower privilege level (ie 6). Here's a write-up that may help getting you in the right direction.
  http://www.packetpros.com/2012/08/read-only-asdm.html

• Hide password on command line

  Dear everybody,
  I would like to find a way to hide password on command line when user type password. There is a way that use another thread to output '\b*'. However, it has some bugs. And I can't use Console class which has a method to hide password. Because my JDK is 1.5 and I can't change it because of some reasons.
  Does anybody know a way to hide password on command line?
  Thanks very much!

  Because my JDK is 1.5 and I can't change it because of some reasons.Look how sweet Console is in 1.6:
  import java.io.Console;
  public class ConsoleExample {
      public static void main(String[] args) {
          Console console = System.console();
          char[] password = console.readPassword("Please enter password:");
          //don't do this: passwords shouldn't be stringified
          String s = new String(password);
          console.format("password =[%s]%n", s);
  }Find a way to install 1.6! We believe in you!

• FIM Password Synchronization Not Catching All Password Changes

  I have a FIM 2012 R2 environment and I'm about to start synchronizing password changes from AD into our legacy systems.  I have PCNS installed on my DCs and the AD MA in FIM configured as a password sync source.
  Everything works - just not all of the time.
  I've enabled PCNS verbose logging on the DCs.  I'm getting "The password notification has been delivered to all targets - (Event ID 2100)"
  success messages for all password changes but the FIM sync engine ony appears to be acting on ~25% of the incoming changes.
  I had thought it was my password extension code that may have been having issues but I stripped it down to simply dropping an event into an event log and it's still dropping 75% of the changes.
  Has anyone else seen this behaviour before? 
  Is there any way to correlate PCNS events with some form of log in FIM?  I can't seem to find anything in the event log that's tied to password changes.
  Cheers,
      Ian

  Looks like I managed to solve this one myself (it's alot easier once you manage to get logging to work correctly (doh!)).
  The problem lies in the way we're currently provisioning AD accounts (out of band through a scripted process).  This means that accounts show up in AD before FIM knows that they exist - FIM isn't having a problem finding the user in the password target
  connector space, it's having a problem finding them in the password source connector space.
  The 25% that are succeeding are the individuals who have already been recognized by FIM in both the source and target connector spaces.

• My "website login info remember function" won't recognize/save new password changes to Yahoo mail

  I've just changed my password into my Yahoo email account - however the Foxfire website login data remember function box doesn't appear asking if I want to save my new login information.
  I've checked my Tools/Options/Security info and all is as should be... And my Tools/Options/Privacy/Remember History box is checked too...
  In fact the "remember password data" box just popped up when I registered with this site and added my new login info to my list of saved login ID's and passwords...
  Seems to be the "login data remember function" isn't recognizing my Yahoo mail login password change as new info that needs to be re-saved...

  hello bthrower, websites can specify if browsers should be able to save username/passwords (through the autocomplete="off" attribute in the login form in the html source code) - this is often the case when a higher level of security is presumably required by those sites.
  you can either [https://addons.mozilla.org/firefox/addon/remember-passwords/ install an addon] or [https://www.squarefree.com/bookmarklets/forms.html#remember_password use a bookmarklet] to circumvent this restriction.
  [[Usernames and passwords are not saved]]

• How  to change form of discoverer portlet

  Hi "All".
  How to change form of discoverer portlet or create new in
  discoverer/portletprovider.
  I try to change discoverer portlet (hide refresh date, view worksheet link)
  but nothing changed.
  If You did it - write exemples xsl or xml files, please.
  Or give a link.
  What files i must edit for edit discoverer portlet.
  Help me in it please.
  Thank you.
  sory for my english

  worksheet_run.xsl
  and after changed -> restart oc4j_forms and oc4j_portal.

• RBACx Encrypted Password Change Utility

  Hi all,
  In the OIA/SRM installation guide, there is a reference to a tool, to find out the password of rbacxservice.
  "Oracle Identity Analytics utilizes an encrypted password when communicating with the database.
  To change the default database password, use the RBACx Encrypted Password Change Utility"
  Could you please help me finding out this tool.
  Many thanks in advance.
  Warm regards,
  Manipradeep Sunku.

  The mentioned tool only encrypts the password so that you don't have to store a plain text password in the config file. It does not decrypt it. The default rbacxservice password is rbacxservice.
  The tool does not come with the OIA/SRM distribution so if you need it, you will need to contact support.

• ACS 5.3 UCP Password Change

  Hi at all,
  i have a Problem with the UCP Webside Password Change.
  The Side is running without Problem. A Password Change for the normal User is also o.k.
  Here me Problem.
  I will use this Side also for our Admins to Change here Password but this User has also a Enable Password.
  Is it Possible to Change also this Password with the UCP Webside?
  Thanks for help.
  regards
  Andreas

  Hey Tushar,
  That is our current setup. Right now each user logs in with their AD credentials to get into user exec mode and the same password to get into privileged exec mode. I would like to have a user login with their normal AD credentials to get into user exec mode and a different password (specific to each user, not locally on the device) to login to privileged exec mode. We are doing this for security reasons. Hopefully that clarifys what I'm trying to do.
  Thanks

• User Password change fails in OWA 2013

  User Password change fails in OWA with this error: Your password couldn't be changed. Make sure the old password you typed is correct and that the new password meets the minimum security requirements.
  We are migrating from Exchange 2007 to Exchange 2013.  Have mailboxes in both environments.  OWA 2007 password changes succeed (user mailbox is still in Exchange 2007).  When the user mailbox is moved to Exchange 2013, password changes fail
  with the above error.
  We have the Exch 2013 servers are on Windows 2012 and we are running Exch 2013 CU3.   We have made changes to the Default Role Assignment Policy to prevent users from changing Contact information and setting user photos, etc.  We are not exactly
  sure when user password changes stopped working, or even if they ever did work, although we recently installed our Prod Exch 2013 servers alongside our 2007 servers without any RBAC delegation implemented and a quick test of a user password change was successful.
  I reversed all the changes to the Default Role Assignment Policy but the password change still fails.

  Hi,
  Please try the following steps in your CAS server:
  1. Click Start > Run and type regedit and click OK.
  2. Navigate to the "HKLM\SYSTEM\CurrentControlSet\Services\MSExchange OWA" key.
  3. Set the ChangeExpiredPasswordEnabled value from 1 to 0.
  4. Close regedit and re-open it.
  5. Set the ChangeExpiredPasswordEnabled value from 0 to 1.
  6. Close regedit.
  7. After you configure this DWORD value, please reset IIS. The recommended method to reset IIS is to use IISReset /noforce from a command prompt.
  Here is the similar thread about password change issue in Exchange 2013 CU3, please refer to:
  http://social.technet.microsoft.com/Forums/en-US/30b74c81-9b98-46f4-9ca0-1c3bb74f4a3f/users-with-expired-passwords-or-change-password-at-next-logon-unable-to-change-password-via-owa-in?forum=exchangesvrclients
  Hope it helps.
  Thanks,
  Winnie Liang
  TechNet Community Support