ICM 7.5 Agent Password change utility/interface

I am running ICM 7.5 Enterprise. is there a web or any other interface which can be provided to Agents to change their pasword ?

vibin.v wrote:Any idea of the sql statement to update the password?  the ICM is anyway running  MSQL 2005
That's not a good idea. All ICM integrators and admin users should understand the basics of how configuration changes are made in ICM. This is a complex path in order to ensure that the key component, the duplexed Call Router has changed the in-memory copy of the configuration. Changing the database (which one were you thinking of - Logger, AW?) using SQL Query Analyzer or any other native method is more than likely to totally mess up your system.
Study this diagram (from the 8.0 Serviceability Guide)
Regards,
Geoff

Similar Messages

  • RBACx Encrypted Password Change Utility

    Hi all,
    In the OIA/SRM installation guide, there is a reference to a tool, to find out the password of rbacxservice.
    "Oracle Identity Analytics utilizes an encrypted password when communicating with the database.
    To change the default database password, use the RBACx Encrypted Password Change Utility"
    Could you please help me finding out this tool.
    Many thanks in advance.
    Warm regards,
    Manipradeep Sunku.

    The mentioned tool only encrypts the password so that you don't have to store a plain text password in the config file. It does not decrypt it. The default rbacxservice password is rbacxservice.
    The tool does not come with the OIA/SRM distribution so if you need it, you will need to contact support.

  • Password Change Utility

    Does anyone have, or know of, a utility for users to change their Oracle passwords without having access to SQLPLUS directly?

    I'm pretty sure 9.0.1 comes with iSQL*Plus-- 9.2 certainly does.
    You could certainly put together a little web-based utility to do this sort of thing pretty quickly if you wanted-- shouldn't be more than a week of effort. Might be fewer headaches than enabline iSQL*Plus.
    Justin
    Distributed Database Consulting, Inc.
    http://www.ddbcinc.com/askDDBC

  • Oracle agent password change- 11g

    Hi All
    During silent install of Oracle Grid Agent I put a wrong password for AGENT_REGISTRATION_PASSWORD
    I need to reset the AGENT_REGISTRATION_PASSWORD to password of OMS Server 11g (11.1.0.1.0)
    this is on Linux x86_64 bit
    What are the steps thhat need to be followoed
    Thanks

    Hi,
    To change an existing Agent Registration Password, use the following emctl command:
    $PROMPT> emctl secure setpwd sysman_password new_Install_Password
    Note that the emctl secure setpwd command requires that you provide the password of the Enterprise Manager super administrator user, sysman, to authorize the resetting of the Agent Registration Password.

  • Is autoconfig required to be run for apps password change

    Is autoconfig required to be run for apps password change -- We are only changing APPS and APPLSYS passwords.
    How to Change Applications Passwords using Applications Schema Password Change Utility (FNDCPASS or AFPASSWD) [ID 437260.1] -- does not mention anything about autoconfig.
    Please clarify.
    Thanks

    It's mentioned in the document twice
    1. For APPLSYSPUB/GUEST as you mentioned
    2. Under "Verify the new password" which cover the apps/applsys passwords
    If you search the doc for "AutoConfig" you will find it there.
    Thanks,
    Hussein

  • Changing OVM3 Server agent password in OVM3 manager

    Hello, I changed OVM3 server agent password via this procedure http://docs.oracle.com/cd/E20065_01/doc.30/e18548/server.htm#CCHJIJFD
    Now I can't rediscover this server in OVM manager. I also can't delete server from server pool. How could I do it manually, for example if server is down and I want to remove it from pool?
    Here is re-discover procedure output:
    Job Construction Phase
    begin()
    Appended operation 'Server Refresh' to object '00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (blade7)'.
    commit()
    Completed Step: COMMIT
    Objects and Operations
    +Object (IN_USE): [Server] 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (blade7)+
    Operation: Server Refresh
    Job Running Phase at 12:29 on Mon, Jan 9, 2012
    Job Participants: []
    Actioner
    Starting operation 'Server Refresh' on object '00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (blade7)'
    Setting Context to model only in job with id=1326130184380
    Job Internal Error (Operation)com.oracle.ovm.mgr.api.exception.FailedOperationException: OVMAPI_4010E Attempt to send command: discover_cluster to server: 172.25.60.10 failed. OVMAPI_4004E Server Failed Command: discover_cluster, Status:
    Mon Jan 09 12:29:47 EST 2012
    Mon Jan 09 12:29:47 EST 2012
    at com.oracle.ovm.mgr.action.ActionEngine.sendCommandToServer(ActionEngine.java:474)
    at com.oracle.ovm.mgr.action.ActionEngine.sendDiscoverCommand(ActionEngine.java:283)
    at com.oracle.ovm.mgr.action.ClusterAction.getClusterInfo(ClusterAction.java:184)
    at com.oracle.ovm.mgr.discover.ovm.ServerClusterDiscoverHandler.queryMaster(ServerClusterDiscoverHandler.java:139)
    at com.oracle.ovm.mgr.discover.ovm.ServerClusterDiscoverHandler.process(ServerClusterDiscoverHandler.java:230)
    at com.oracle.ovm.mgr.discover.ovm.DiscoverHandler.execute(DiscoverHandler.java:55)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:435)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:420)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:405)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDefaultDiscover(DiscoverEngine.java:388)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.discoverServer(DiscoverEngine.java:229)
    at com.oracle.ovm.mgr.op.physical.ServerRefresh.action(ServerRefresh.java:64)
    at com.oracle.ovm.mgr.api.job.JobEngine.operationActioner(JobEngine.java:191)
    at com.oracle.ovm.mgr.api.job.JobEngine.objectActioner(JobEngine.java:257)
    at com.oracle.ovm.mgr.api.job.InternalJobDbImpl.objectCommitter(InternalJobDbImpl.java:1019)
    at com.oracle.odof.core.AbstractVessel.invokeMethod(AbstractVessel.java:223)
    at com.oracle.odof.core.BasicWork.invokeMethod(BasicWork.java:136)
    at com.oracle.odof.command.InvokeMethodCommand.process(InvokeMethodCommand.java:100)
    at com.oracle.odof.core.BasicWork.processCommand(BasicWork.java:81)
    at com.oracle.odof.core.TransactionManager.processCommand(TransactionManager.java:751)
    at com.oracle.odof.core.WorkflowManager.processCommand(WorkflowManager.java:395)
    at com.oracle.odof.core.WorkflowManager.processWork(WorkflowManager.java:453)
    at com.oracle.odof.io.AbstractClient.run(AbstractClient.java:42)
    at java.lang.Thread.run(Thread.java:662)
    Caused by: com.oracle.ovm.mgr.api.exception.IllegalOperationException: OVMAPI_4004E Server Failed Command: discover_cluster, Status:
    Mon Jan 09 12:29:47 EST 2012
    at com.oracle.ovm.mgr.action.ActionEngine.sendAction(ActionEngine.java:752)
    at com.oracle.ovm.mgr.action.ActionEngine.sendCommandToServer(ActionEngine.java:470)
    +... 26 more+
    FailedOperationCleanup
    Starting failed operation 'Server Refresh' cleanup on object 'blade7'
    Complete rollback operation 'Server Refresh' completed with direction=blade7
    Rollbacker
    Objects To Be Rolled Back
    +Object (IN_USE): [BondPort] network.BondPort (2) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (network.BondPort (2) in blade7)+
    +Object (IN_USE): [EthernetPort] network.EthernetPort (1) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 with MAC 00:16:36:f6:80:b4 (network.EthernetPort (1) in blade7)+
    +Object (IN_USE): [EthernetPort] network.EthernetPort (3) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 with MAC 00:16:36:d2:e1:d8 (network.EthernetPort (3) in blade7)+
    +Object (IN_USE): [BondPort] network.BondPort (1) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (network.BondPort (1) in blade7)+
    +Object (IN_USE): [EthernetPort] network.EthernetPort (2) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 with MAC 00:16:36:f6:80:b2 (network.EthernetPort (2) in blade7)+
    +Object (IN_USE): [Server] 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 (blade7)+
    +Object (IN_USE): [FileSystemMount] 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2_mount_/OVS/Repositories/0004fb00000300006d4b745c71639eb8 (blade7_/OVS/Repositories/0004fb00000300006d4b745c71639eb8)+
    +Object (IN_USE): [EthernetPort] network.EthernetPort (4) in 00:16:36:f6:80:b4:00:16:36:f6:80:b2:00:16:36:d2 with MAC 00:16:36:d2:e1:d9 (network.EthernetPort (4) in blade7)+
    Completed Step: ROLLBACK
    Job failed commit (internal) due to OVMAPI_4010E Attempt to send command: discover_cluster to server: 172.25.60.10 failed. OVMAPI_4004E Server Failed Command: discover_cluster, Status:
    Mon Jan 09 12:29:47 EST 2012
    Mon Jan 09 12:29:47 EST 2012
    com.oracle.ovm.mgr.api.exception.FailedOperationException: OVMAPI_4010E Attempt to send command: discover_cluster to server: 172.25.60.10 failed. OVMAPI_4004E Server Failed Command: discover_cluster, Status:
    Mon Jan 09 12:29:47 EST 2012
    Mon Jan 09 12:29:47 EST 2012
    at com.oracle.ovm.mgr.action.ActionEngine.sendCommandToServer(ActionEngine.java:474)
    at com.oracle.ovm.mgr.action.ActionEngine.sendDiscoverCommand(ActionEngine.java:283)
    at com.oracle.ovm.mgr.action.ClusterAction.getClusterInfo(ClusterAction.java:184)
    at com.oracle.ovm.mgr.discover.ovm.ServerClusterDiscoverHandler.queryMaster(ServerClusterDiscoverHandler.java:139)
    at com.oracle.ovm.mgr.discover.ovm.ServerClusterDiscoverHandler.process(ServerClusterDiscoverHandler.java:230)
    at com.oracle.ovm.mgr.discover.ovm.DiscoverHandler.execute(DiscoverHandler.java:55)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:435)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:420)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDiscover(DiscoverEngine.java:405)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.handleDefaultDiscover(DiscoverEngine.java:388)
    at com.oracle.ovm.mgr.discover.DiscoverEngine.discoverServer(DiscoverEngine.java:229)
    at com.oracle.ovm.mgr.op.physical.ServerRefresh.action(ServerRefresh.java:64)
    at com.oracle.ovm.mgr.api.job.JobEngine.operationActioner(JobEngine.java:191)
    at com.oracle.ovm.mgr.api.job.JobEngine.objectActioner(JobEngine.java:257)
    at com.oracle.ovm.mgr.api.job.InternalJobDbImpl.objectCommitter(InternalJobDbImpl.java:1019)
    at sun.reflect.GeneratedMethodAccessor2115.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.oracle.odof.core.AbstractVessel.invokeMethod(AbstractVessel.java:223)
    at com.oracle.odof.core.BasicWork.invokeMethod(BasicWork.java:136)
    at com.oracle.odof.command.InvokeMethodCommand.process(InvokeMethodCommand.java:100)
    at com.oracle.odof.core.BasicWork.processCommand(BasicWork.java:81)
    at com.oracle.odof.core.TransactionManager.processCommand(TransactionManager.java:751)
    at com.oracle.odof.core.WorkflowManager.processCommand(WorkflowManager.java:395)
    at com.oracle.odof.core.WorkflowManager.processWork(WorkflowManager.java:453)
    at com.oracle.odof.io.AbstractClient.run(AbstractClient.java:42)
    at java.lang.Thread.run(Thread.java:662)
    Caused by: com.oracle.ovm.mgr.api.exception.IllegalOperationException: OVMAPI_4004E Server Failed Command: discover_cluster, Status:
    Mon Jan 09 12:29:47 EST 2012
    at com.oracle.ovm.mgr.action.ActionEngine.sendAction(ActionEngine.java:752)
    at com.oracle.ovm.mgr.action.ActionEngine.sendCommandToServer(ActionEngine.java:470)
    +... 26 more+
    End of Job
    ----------

    I removed server from server pool and reisntalled ovm3 server. But I can't remove this server from unassigned server list. It's now in error state. I can do rediscover server and acknowledge all events for this server but it's still in error state. How could I remove it and do discover again?

  • Simple Interface expired password change prompt

    We have a population of users who access GW exclusively through WebAcc. Some of this population has jumped on the mobile device bandwagon and so we've directed them to the simple interface when accessing GW from a mobile device.
    Some of these mobile device users now exclusively use the simple interface on their tablet/phone to access GW and when their password is expired, are never presented with the password change dialogue.
    Ive verified when user with an expired password navigates directly to the simple interface url , https://gwserver/gw/webacc?User.interface=simple, either on a mobile device or desktop browser, IE, FF, Chrome, the user consumes a grace login and is taken directly to the simple interface mailbox.
    Resetting grace logins and navigating to the standard webacc interface the GW password change dialogue is presented as expected.
    GroupWise 8.0.1 webacc on netware. I think wed refrained from going to newer releases in fear of some nasty bugs in the subsequent versions, but Ive not kept current on issues with the latest release.
    I understand the next GW version with native mobile device templates is around the corner, but management may want to address this sooner.
    Is this failure to recognize password expiry in the simple interface a know behavior?
    Regards,
    Fdiaz

    On 8/8/2011 8:36 AM, vodobaas wrote:
    > We have a population of users who access GW exclusively through WebAcc.
    > Some of this population has jumped on the mobile device bandwagon and so
    > we've directed them to the simple interface when accessing GW from a
    > mobile device.
    > Some of these mobile device users now exclusively use the simple
    > interface on their tablet/phone to access GW and when their password is
    > expired, are never presented with the password change dialogue.
    >
    > Ive verified when user with an expired password navigates directly to
    > the simple interface url ,
    > https://gwserver/gw/webacc?User.interface=simple, either on a mobile
    > device or desktop browser, IE, FF, Chrome, the user consumes a grace
    > login and is taken directly to the simple interface mailbox.
    > Resetting grace logins and navigating to the standard webacc interface
    > the GW password change dialogue is presented as expected.
    > GroupWise 8.0.1 webacc on netware. I think wed refrained from going to
    > newer releases in fear of some nasty bugs in the subsequent versions,
    > but Ive not kept current on issues with the latest release.
    > I understand the next GW version with native mobile device templates is
    > around the corner, but management may want to address this sooner.
    >
    > Is this failure to recognize password expiry in the simple interface a
    > know behavior?
    >
    > Regards,
    > Fdiaz
    I'll ask.

  • ICM ADMIN username and password

    Hi frnds
    I have installed SAPNW7.0ABAPTrialSP12 on my system. I have started the application server and it works fine but when i click on ICM in MMC it is asking me to enter ICM ADMIN username and password.
    What needs to be entered please let me know?
    Thanks
    Satya

    check this  <a href="http://help.sap.com/saphelp_nw04s/helpdata/en/82/9e98d786f040209e6a9e8145153939/content.htm">Create Administration User</a>
    1.      As user <sid>adm go to the directory where the executables are kept and call up icmon &#8209;a pf=<instance profile> .
    The following appears:
    Maintain authentication file
    ============================
    File name (icmauth.txt):   .
           2.      If you are happy with the default file name, press the enter key, otherwise enter a different file name or path.
           3.      In the next menu choose a (add user to set).
           4.      Enter the user name, then the password twice, the group name, the subject of the X.509 certificate (wildcards allowed, and it can be left empty).
    User Name: icmadm
    Enter Password: *****
    Re-enter Password: *****
    Group name: admin
    Subject Value of Client Cert: CN=template,*
    new entry locally created
    The user created is in group admin, the user is therefore an administration user without administration authorization. In particular this user can create further users in the Web admin interface.
    If you select another group name other than admin, create a monitoring user that can monitor, but not administrate, the ICM/Web Dispatcher.
    If you want a user to be able to log on only with the X.509 client certificate, you can enter an x as the password (with queries), which makes the following entry (in the example) in file:
    icmadm:x:admin:CN=muster,*
           5.      Choose s (save changes of set to file), to copy your changes from the local buffer to the authorization file.
           6.      Choose q, to quit the program.

  • Lost password and password reset utility doesn't work.

    Kind of embarassing, but a couple of days ago I decided that it would be a good idea to change my password at three in the morning. Gah!
    I tried using the password reset utility, but it would simply crash upon selecting my drive. I ran it from the terminal and it says that it's getting a bus error. I tried using passwd from single user mode, but it seems as though Apple has decided that that is a bad thing. Same goes for trying to run it from the terminal on the install disc.
    What do I do now? Getting my files back won't be a problem, but I won't have the equipment to do that until I go home, and there are still a couple of weeks left in the semester. Being stuck using my guest account really *****!
    G5   Mac OS X (10.4.6)  

    This will give you root access to your computer:
    1) Reboot into single usermode (Hold "Cmd" + "S")
    2) At the Console # type:
    fsck -fy
    - This should come up OK after a minute, if not run it again
    3) At the Console # type:
    mount -uw /
    4)At the Console # type:
    nicl -raw /var/db/netinfo/local.nidb -createprop /users/root authentication_authority ";basic;"
    - The above should be all on 1 line (this might format it to wrap a line)
    5) At the Console # type:
    nicl -raw /var/db/netinfo/local.nidb -createprop /users/root passwd
    - This will reset the root password
    6) At the Console # type:
    reboot
    7) You can now login with the username root

  • Weblogic admin user password change w/o disrupting existing users

    Hi Folks,
    As a business policy we need to change the password of the admin user in weblogic after a cycle of specific period.
    Please let us now how can we do that without losing the other existing users in 'my realm.'
    I understand that we can use the weblogic.utils.security.AdminAcoount utility to give the new password, which will create a new DefaultAuthenticatorInit.ldift file in +<domain-home>/security+ folder (according to Doc ID 1082299.1).
    The password will change but the users in 'my realm' will be lost. (there are many users and it is a production environment so recreation is out-of- question)
    Is there a way we can retain the users and still proceed with the password change?
    Cheers,
    Jeegar

    Hi Jeegar,
    This can be doen by followin the standard procedure by login to console and navigate to :-
    DOMAIN_STRUCTURE--->Security Realm--->myrealm--->Users and Groups---->User tab click on the user weblogic
    --click on the password tab and put the new password there and save (password is changed for the user here)
    ---Logout from the console and login to the console again using the new password
    But when the server starts it do not read the password for the user directly from the realm rather it picked the same from the $DOMAIN_HOME/servers/AdminServer/security/boot.properties
    Now in order to make this change available when the server starts change the values for the username and password in boot.properties and specify them in plain-text and save the same.
    Now next time whenever the server will start it will pick up the new values from the boot.properties and once the same had been accepted those will be encrypted again.
    You might have to make the change for the boot.properties for all the Managed Server if you have the Managed Servers in the domain which will be located at the location $DOMAIN_HOME/servers/<<Managed Server Name>>/data/nodemanager/boot.properties
    You can test the steps on some lower environment first and try the same in Critical environment once the testing goes successful.
    Regards,
    Vijay
    Edited by: V Kumar on Oct 25, 2012 3:06 PM

  • Airport Extreme WiFi password change

    I want to change the network password on my Airport router. When I open Airport Utility it attempts to locate the Airport base station but never finds it. It says "no configured Airport base stations have been found...will continue searching" The Airport is working and is connected to the Internet. I have Wifi access from this Mac & mobile devices in the house.
    Any ideas on what I can do to access the base station to make the password change?

    Also, is your Mac connected to the AirPort Extreme/Express (either by ethernet cable or the AirPort's own wifi) or might it have gotten connected to some other wifi network (possibly associated with your ISP's modem, gateway, or router)?

  • ORACLE Password Change using APEX FORM

    Greetings!
    I would like to find out, if there is a utility or a sample page that permits the Database password changes for the DB users within the Database. My goal is for users to maintain password using the Browser, instead of using SQL*Plus or similar Windows tools
    Thanks in advance for your help!
    Muni

    So if you and I can both authenticate to this application, we will necessarily have separate accounts, say in the Application Express account repository of that application's workspace. Our accounts will each have a password that is not synchronized with our database account password. The application will allow me (SCOTT) to change only the database account named SCOTT and will allow you (VIKAS) to change only the database account named VIKAS. That rule would make it unnecessary for the provided form to provide an input field for the database account name (it would be pre-populated). Unfortunately, the chosen authentication method requires each of us to remember our application password, and, if the application is built correctly, to remember our old database password as well. (Implementing that verification has its own issues.) If the application used LDAP then a mapping table would be needed to relate [email protected] to VIKAS. Every time a new database user needed the self-service password facility, a new user account (and a new password), and a new mapping table entry would have to be created. All of that complexity is eliminated if the application uses Database Account credentials authentication -- a new database user is created, the user can authenticate to the application and use it; the database user is removed, the user can no longer authenticate.
    Let's not confuse the aim of providing a self-service "change my database password" application (the original requirement) with the simpler task of providing a super-user-oriented database account management page (like we did in XE).
    Scott

  • AD Password Change Problem

    Hi,
    We are using a number of Intel based OSX 10.4 machines bound to a Windows 2003 Forest / Domain.
    We have run into a problem where users are unable to change there AD passwords using the Access applet from within System Prefs, it gives an error about a possible policy problem. I have tried doing the same thing using the Kerberos utility which gives similar results. If we set a user account to force the password to be changed the next login it works which is puzzling. Password changes are working without problem from within our Windows environment.
    I was wondering if anyone can shed any light on the matter?
    Many Thanks
    Tim

    Refer to the post titled "JNDI, Active Directory & Changing Passwords" at JNDI, Active Directory & Changing Passwords

  • How to implement Force password change during authentication

    Description of problem
    Our client requires web applications to support its internal security policy beyond
    normal authentication. This includes:
    - force password change periodically. This should be performed at logon time.
    - maintain password history so that a new password would not repeat any of its
    previous 15 changes.
    We already have an authentication server that satisfy these requirements. However,
    we would also like to base our solution on WebLogic security framework so that
    we can leverage the benefit of the container-managed declarative security (e.g.
    we don't need to use our special cookie to check whether a user is authenticated
    for every web page in the application). So the best scenario for us is to wrap
    up this authentication server using WLS 7.0 authentication SSPI.
    My initial investigation of WLS 7.0 security framework (based on edocs and the
    sample customer security provider codes) convinced me that overall, this is achievable.
    However, I am still left with quite a few questions, which I would like to get
    your help.
    Questions:
    1. (web container) The J2EE-standard container-based authentication is to specify
    <login-config> element. My understanding is that only FORM based authentication
    is applicable. The specified form elements:
    <form method="post" action="j_security_check">
    <INPUT TYPE="TEXT" NAME="j_username">
    <INPUT TYPE= "password" NAME="j_password">
    </form>
    is adequate for authentication. However, if the authentication service provider
    indicates that password change is needed, what would be the most appropriate way
    within WebLogic for the authentication service provider to pass such a flag to
    the web container know so that our application can access it? I guess, a simpler
    question, would be, using the standard <login-config>, webapp knows only about
    authentication fails or succeeds. Can it possibly know more information provided
    by the authentication service provider right after authentication?
    2) If we don't use standard FORM-based authentication, we will code up our own
    authentication control, which could give us a lot more flexibility, but can we
    then bind our Subject obtained through our authentication control to the WebLogic
    Subject that is running the webapp.
    3) (Authentication service provider) Our design is for the custom LoginModule
    to delegate login calls to the authentication server, and throws more refined
    exceptions such as: FailedLoginException, PasswordExpiredException, UserAccountLockedException
    (all subclassed from LoginException). Another approach is to provide detailed
    information such as password expired in callbacks. Either way, when Authentication
    service provider returns, how our web application can access this refined flag
    of authentication result.
    4) Can our customer authentication service provider use DataSource defined in
    a weblogic server? I ask this question because DataSource itself is a protected
    resource of WebLogic. Will referencing it during authentication initiate another
    authentication cycle?
    Can anyone who has experienced similar requirements and worked solutions please
    give me a hint? I appreciate your guidance.
    regards
    Licheng

    "Licheng" == Licheng <[email protected]> writes:
    Licheng> Description of problem
    Licheng> Our client requires web applications to support its internal security policy beyond
    Licheng> normal authentication. This includes:
    Licheng> - force password change periodically. This should be performed at logon time.
    Licheng> - maintain password history so that a new password would not repeat any of its
    Licheng> previous 15 changes.
    Licheng> ..
    Licheng> We already have an authentication server that satisfy these requirements. However,
    Licheng> we would also like to base our solution on WebLogic security framework so that
    Licheng> we can leverage the benefit of the container-managed declarative security (e.g.
    Licheng> we don't need to use our special cookie to check whether a user is authenticated
    Licheng> for every web page in the application). So the best scenario for us is to wrap
    Licheng> up this authentication server using WLS 7.0 authentication SSPI.
    I believe it's impractical to fit the requirement of forcing a password change
    into the standard JAAS interface.
    I think the only practical way to do this is to implement a servlet filter that
    reads the persistent record of the logged-in user to check for a "force change
    password flag". If it finds this, the servlet filter will forward to a page to
    change your password. Note that the servlet filter may be hit again when
    trying to get to the change password page, so it needs to know to not do the
    check in that case.
    If you implement this, I would strongly urge you to softcode the "change
    password" page URL in your system configuration, and not hardcode it in the
    servlet filter.
    ===================================================================
    David M. Karr ; Java/J2EE/XML/Unix/C++
    [email protected] ; SCJP; SCWCD

  • Lotus Notes password change not working

    Hi,
    I'm integrating Lotus Notus and currently we are able to create users in the Domino server, so we have many doubts:
    Lotus Notes Id Files are created in the Domino server, but this Id Files needs to be copied in the users own laptops or desktop pc's. What is the best way we can give the user the Id File?
    For password changes: I have test password change from OIM self-service, I mean, I create a user, then I provision the user account to Lotus and finally I login with the user account to OIM user self-service interface and try to change password, connector log says everything is ok and the user Id file is correctly modified but, in Domino's server, Lotus internet/http password is not modified, so it is correct? I expect the http/internet password to be changed too. For test purposes I have to copy the new Id file from the Domino server and paste it in the client pc where Lotus Notes client is installed, I put the new password and I'm able to login, but http/internet password is not changed.
    So I don't know if this is a limitation from the connector or if I miss something in order to be able to perform password changes, I have read many times connector documentation but this is not clear for me. I also have read oracle waveset Domino connector documentations but seems to work in a different way OIM do.
    Please help me
    Regards.

    Hi SaikatDas,
    Thank you for posting in MSDN forum.
    Since this forum is to discuss: Visual Studio WPF/SL Designer, Visual Studio Guidance Automation
    Toolkit, Developer Documentation and Help System, and Visual Studio Editor.
    Based on your issue, it is related to the IIS, so I’m afraid that it is not the correct forum for this issue. therefore, I suggest you can post this issue directly to the IIS forum:http://forums.iis.net/
    , maybe you will get better support.
    Thanks for your understanding.
    Best Regards,
    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click
    HERE to participate the survey.

Maybe you are looking for

  • How to email data from web form?

    I need some direction please. I have created a web page (.htm) that has several textboxes, a submit and clear button. The purpose of this web page is for users of the company intranet to input data into the textboxes and then clicking on Submit will

  • My ActiveX Controls that i downloaded (APTLaser Control and APTTEC Control) are not showing up

    I got a new computer and im trying to bring over all of my files from my previous computer, however after downloading everything i was unable to use my ActiveX controls for the above objects. When i try to reinsert the object, they are not there, how

  • HT201412 Screen is dark

    My iPad screen went dark.  Still dark when I try powering on and off.  Tried charging, hear the sound but screen stays dark, doesnt react to button - any idea?

  • Symlinks where are you

    I'm trying to import media to 10.1 using Leave Files in Place seleted during import. Files import OK but no Symlinks are created, only get the media actual copying as if the Copy Files Into option was selected. Anyone else seeing this or am I back th

  • Report Registry Variable Setting Designer 9i

    Hi, when I clicked repository report, a windows prompted and said: CDI-21332: Registry variable EXECUTE_REPORTS_RUNTIME is not set in key DES2_72 Cannot Reports in this session. It caused report builder fail. What should I do? Thanks!