How to secure your portal ?

Hello,
We have a portal. There are several users to access it. Each users are given with a login id and password. Of late, we noticed that, any user can login into the portal with any randomly typed password.
Similarly, if I want to login as another user's name then I just need the his user name say Virat.Dhoni and type any randomly typed password and go, the portal opens with user as Virat Dhoni. It is a big security threat to our portal.
How to check and solve the loop hole here ?
we are using obiee 10g
Thanks.
Edited by: Kuldip on Jan 7, 2013 10:00 PM

Best solution is to validate user and password with given values instead of random password.
Try to store user details along with password and authenticate before you show any pages after hitting login button.
What difficulties you have to validate the password?
If helps pls mark

Similar Messages

  • Oracle Poratal Security Or Portal Security Infrastructure

    We need to implement the Oracle Portal Application user for Authentication and Authorization. We have different pages for different user roles, so please help me how can I use "Oracle Poratal Security Or Portal Security Infrastructure" for securing porlets or pages from unauthorized accesss.

    I suggest taking a look at chapter 6 - "Securing your Portal" of the OracleAS Portal Configuration Guide to get an idea of the security architecture and at the security-related information in the Portal User's Guide.
    You can find these guides in the Application Server documentation library on OTN at http://www.oracle.com/technology/documentation/appserver101202.html

  • TS3297 Does anyone know how to reset your security questions?? I loaded an itunes gift card on new ipod but when trying to make a purchase, itunes is asking us the incorrect security questions?!(for 1st time purchase)

    Does anyone know how to reset your security questions?? I loaded an itunes gift card on new ipod but when trying to make a purchase, itunes is asking us the incorrect security questions?! (for 1st time purchase)  I know the questions are not what I chose because I wrote the questions & answers down when setting up the ipod. Any ideas??!!!

    Reset Security Questions
    Frequently asked questions about Apple ID
    Manage My Apple ID
    Or you can email iTunes Support at iTunes Store Support.
    If all else fails:
      1. Go to: Apple Express Lane;
      2. Under Product Categories choose iTunes;
      3. Then choose iTunes Store;
      4. Then choose Account Management;
      5. Now choose iTunes Store Security and answer the bullet questions, then click
          Continue;
      6. Sign in with your Apple ID and press Continue;
      7. Under Contact Options fill out the information and advise iTunes that you would
          like your security/challenge questions reset;
      8. Click Send/Continue.
    You should get a response within 24 hours by email.
    In the event you are unsuccessful then contact AppleCare - Contacting Apple for support and service.
    Another user had success doing the following:
    I got some help from an apple assistant on the phone. It is kind of round about way to get in.
    Here is what he said to do and it is working for me...
      a. on the device that is asking you for the security questions go to "settings", > "store" >
          tap the Apple ID and choose view"Apple ID" and sign in.
      b. Tap on payment information and add a credit/debit card of your preference then select
          "done", in the upper right corner
      c. sign out and back into iTunes on the device by going to "settings"> "store" > tap the
          Apple ID and choose "sign-out" > Tap "sign -in" > "use existing Apple ID" and you
          should be asked to verify your security code for the credit /debit card and NOT the
          security questions.
      d. At this time you can remove the card by going back in to edit the payment info and
          selecting "none" as the card type then saving the changes by selecting "done". You
          should now be able to use your iTunes store credit without answering the security
          questions.
    It's working for me ...I just have to put in my 3 digit security pin from the credit card I am using.
    Good Luck friends!

  • HT5312 Am I do not know how to change my rescue email as it is wrong and in can not remember my answers to my security questions so I want to change them but I can't as I have the wrong rescue email anyone know how to change your rescue email

    Am I do not know how to change my rescue email as it is wrong and in can not remember my answers to my security questions so I want to change them but I can't as I have the wrong rescue email anyone know how to change your rescue email

    You won't be able to change it until you can answer 2 of your questions - you will need to contact iTunes Support / Apple to get the questions reset.
    Contacting Apple about account security : http://support.apple.com/kb/HT5699
    When they've been reset you can then use the steps half-way down the page that you posted from to update your rescue email address for potential future use.

  • Didnt send me the instructions on how to reset your security information in my mail

    Yesterday i bought a $15 itunes card and i redeemed it. When i try to buy gems in clash of clan iphone game they asked me to answer 2 security questions but i forgot the anwers so i click on 'Forgot your answers? Send reset security info email to s•••••@hotmail.com'  then it saids ' Email sent. Check your inbox for an email with instructions on how to reset your security information.' But i havent receive it in my mail, i checked spam, trash everywhere but counldnt find it. What am i suppose to do ? Should i call apple ?

    Call Apple and ask for the Account Security team.
    (93848)

  • HT6170 How to reset your Security questions if they say they sent it but you didn't the email. Plz help

    How to reset your Security questions if they say they sent it but you didn't the email. Plz help

    CCheck your spam folder.

  • HT1918 How to change your security questions if u forgot them on iPhone iPod and iPad

    how to change your security questions if u forget on iPhone iPod or iPad

    Welcome to the Apple Community.
    Start here, and reset your password, you will receive an email with your new password, then go to manage your account > Password and Security and change your security questions.
    If that doesn't help you might try contacting Apple through iTunes Store Support

  • Why i can't email with instructions on how to reset your security information ?

    i need to email me how to with instructions on how to reset your security information

    No, sorry. There is no way to get around the Activation Lock:
    ACTIVATION LOCK
    The original owner must sign out of Find My iPhone before you will be able to use it. These instructions would need to be followed:
    Find My iPhone Activation Lock: Removing a device from a previous owner’s account
    If you are unable to contact the previous owner to follow these steps, then you basically have a very nice paperweight....
    Sorry,
    GB

  • HT5576 Email sent Check your inbox for an email with instructions on how to reset your security information but i haven't got anytthng in my email

    Email sent
    Check your inbox for an email with instructions on how to reset your security information
      but  i haven't get anything in my email

    I never got mine either. I ended up scheduling for them to call me to reset my security questions.

  • HT201363 My mail for (how to reset your security questions) is not going through

    The mail for ( how to reset your Apple ID security questions) is not going through

    You need to contact Apple to get the questions reset. Click here, phone them, and ask for the Account Security team, or fill out and submit this form.
    (94341)

  • How to reset your security information

    hi
    how to reset your security information?
    apple dont send an email fore me to change security qus

    What do you mean by 'apple dont send me email' ?
    If you have a rescue email address (which is not the same thing as an alternate email address) set up on your account then the steps half-way down this page give you a reset link on your account : http://support.apple.com/kb/HT5312
    If you don't have a rescue email address (you won't be able to add one until you can answer your questions), or you have one but aren't receiving the reset email to it, then you will need to contact iTunes Support / Apple in your country to get the questions reset.
    Contacting Apple about account security : http://support.apple.com/kb/HT5699
    When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down the HT5312 link above to add a rescue email address for potential future use

  • How you restore your security pass code if you have disabled your iPod, due to too many pass code attempts

    How you restore your security pass code if you have disabled your iPod, due to too many pass code attempts?

    If You Are Locked Out Or Have Forgotten Your Passcode
    iTunes 10 for Mac- Update and restore software on iPod, iPhone, or iPad
    iPhone, iPad, iPod touch: Wrong passcode results in red disabled screen
    iOS- Understanding passcodes
         If you have forgotten your Restrictions code, then follow the instructions
         below but DO NOT restore any previous backup. If you do then you will
         simply be restoring the old Restrictions code you have forgotten. This
         same warning applies if you need to restore a clean system.
    A Complete Guide to Restore or Recover Your iDevice (if You Forget Your Passcode)
    If you need to restore your device or ff you cannot remember the passcode, then you will need to restore your device using the computer with which you last synced it. This allows you to reset your passcode and re-sync the data from the device (or restore from a backup). If you restore on a different computer that was never synced with the device, you will be able to unlock the device for use and remove the passcode, but your data will not be present. Refer to Updating and restoring iPhone, iPad and iPod touch software.
    Try restoring the iOS device if backing up and erasing all content and settings doesn't resolve the issue. Using iTunes to restore iOS devices is part of standard isolation troubleshooting. Restoring your device will delete all data and content, including songs, videos, contacts, photos, and calendar information, and will restore all settings to their factory condition.
    Before restoring your iOS device, Apple recommends that you either sync with iTunes to transfer any purchases you have made, or back up new data (data acquired after your last sync). If you have movie rentals on the device, see iTunes Store movie rental usage rights in the United States before restoring.
    Follow these steps to restore your device:
         1. Verify that you are using the latest version of iTunes before attempting to update.
         2. Connect your device to your computer.
         3. Select your iPhone, iPad, or iPod touch when it appears in iTunes under Devices.
         4. Select the Summary tab.
         5. Select the Restore option.
         6. When prompted to back up your settings before restoring, select the Back Up
             option (see in the image below). If you have just backed up the device, it is not
             necessary to create another.
         7. Select the Restore option when iTunes prompts you (as long as you've backed up,
             you should not have to worry about restoring your iOS device).
         8. When the restore process has completed, the device restarts and displays the Apple
             logo while starting up:
               After a restore, the iOS device displays the "Connect to iTunes" screen. For updating
              to iOS 5 or later, follow the steps in the iOS Setup Assistant. For earlier versions of
              iOS, keep your device connected until the "Connect to iTunes" screen goes away or
              you see "iPhone is activated."
         9. The final step is to restore your device from a previous backup.
    If you can not restore your device then you will need to go to recovery mode.
    Placing your device into recovery mode:
    Follow these steps to place your iOS device into recovery mode. If your iOS device is already in recovery mode, you can proceed immediately to step 6.
         1. Disconnect the USB cable from the iPhone, iPad, or iPod touch, but leave the other end
             of the cable connected to your computer's USB port.
         2. Turn off the device: Press and hold the Sleep/Wake button for a few seconds until the
             red slider appears, then slide the slider. Wait for the device to turn off.
              If you cannot turn off the device using the slider, press and hold the Sleep/Wake
              and Home buttons at the same time. When the device turns off, release the Sleep/Wake
              and Home buttons.
         3. While pressing and holding the Home button, reconnect the USB cable to the device.
             The device should turn on. Note: If you see the screen pictured below, let the device
             charge for at least ten minutes to ensure that the battery has some charge, and then
             start with step 2 again.
         4. Continue holding the Home button until you see the "Connect to iTunes" screen.
             When this screen appears you can release the Home button.
         5. If necessary, open iTunes. You should see the following "recovery mode" alert:
         6. Use iTunes to restore the device.
    If you don't see the "Connect to iTunes" screen, try these steps again. If you see the "Connect to iTunes" screen but the device does not appear in iTunes, see this article and its related links.
    Additional Information:
    Note: When using recovery mode, you can only restore the device. All user content on the device will be erased, but if you had previously synced with iTunes on this computer, you can restore from a previous backup. See this article for more information.

  • HT1918 how to change your password if you forget your security answers

    how to change your password if you forget your security answers

    Start here, and reset your password, you will receive an email with your new password, then go tomanage your account > Password and Security and change your security questions.
    If that doesn't help you might try contacting Apple through iTunes Store Support

  • How to fix your security questions

    How to fix your security questions

    Hi Yungcowgirl,
    Welcome to the Support Communities!
    The article below should help you with this:
    Rescue email address and how to reset Apple ID security questions
    http://support.apple.com/kb/HT5312
    I hope this information helps ....
    Have a great day!
    - Judy

  • How do you test portal roles and/or ESS roles if testid is not in LDAP?

    We have a process but it is hard to maintain and not very secure.  I was wondering how other Security Admins solve this problem.
    For examplle, we have users who use ESS, MSS, Adobe Forms and a few other portal roles.  And, all of them are using the LDAP to authenticate users.
    Our Basis guys have created test ids in the Portal but they need to be asisgned directly to a pernr (on Infotype 0105) in order to obtain the right information in the portal.
    I'm curious as to how others maintain this process.
    All suggestions and recommendations are welcome.
    Thanks,
    Penny

    If the Basis team has created the test-id on the portal, assign the MSS/ESS role as per the business process
    make sure to create the same userid on the backend system and assign the userid to a pernr
    Assigning userid to PERNR lot of postings are available to do this please search.
    Also I remember at one of my customers project  the portal was configured to have "parameter setting" on the portal rather than the backend system.
    summary: Userid - UME/LDAP ( Basis already created it in your case )
                                  Portal roles ESS/MSS   - assigned to userid
                                  ECC/HCM system roles -assigned to userid  ( after PERNR is tied to userid)
                                  Paremeter setting to be done on portal
    Regards

Maybe you are looking for

  • Inclusive Free Goods Determination ?

    Hi,    Can someone dend me the config. steps for inclusive free goods determination . Regrds, Binayak

  • Early (2007) model extreme and speeds

    I have an early Airport Extreme 2007 base station model. It is fully up to date with latest upgrades. The tech specs state it is 802.11a/b/g and "draft 802.11n", it states it is 2.4Ghz OR 5Ghz. I am trying to improve my wireless download speeds as I

  • PROBLEMS WITH A THREAD!!!

    Hi, guys! Posted this in another forum, but no good answers... I got a class "GUI" which is calling a method in class FileCopy on a button-click. Class GUI calls -------> copy in class FileCopy The FileCopy-class looks kinda like this: public class F

  • Should I update to 6.1.1

    I have read on the net that alot of users have had issues with there battery draining faster after updating to 6.1.1 and this has gotten me very concerned about updating. Has anyone else here have problems? and should I upgrade? This is my only phone

  • SE01, SE09, SE10 throwing dumps with Syntax error

    We were applying some security notes in the SAP ECC6 Ehp1 system however, we forgot to implement a pre-requisite which was an external transport before implementing a note (in dev. we did it right but in test system, we forgot to do the external impo