Password API

With Portal 3.0.9, we used portal30_sso.wwsso_api_user_admin API to reset password, unlock user account etc. Can any one please tell me which api can be used in 10.1.4. I am assuming that the api will be in orasso schema?
Thanks in Advance.

take a look at portal.wwsec_api and portal.wwsec_oid
hope it helps

Similar Messages

Powershell script monitor with encrypted password

I have created a powershell script based monitor in my management pack and everything is ok but I can't get my credentials work inside the script. I want to open pssession to another computer with my credentials. I have triple checked that my pssession is
working because I can access it from powershell console.
This works perfectly at local server from PSconsole:
$EncryptedPassword ="01000000d08c9ddf0115d1118c7a00c04fc297eb01000000534b2....etc...etc..."
$pw = convertto-securestring -String $EncryptedPassword
$cred = new-object System.Management.Automation.PSCredential -argumentlist "MyDOMAIN\MyACCOUNT",$pw
$s = New-PSSession -ComputerName "MyServer" -Port MyPort -Credential $cred
But when I run the same lines inside my management pack the convertto-securestring
does nothing, it just wont convert the encrypted password to secure string!
I have tried this plain text method and it works
inside my management pack, but I don't want to use it because you can see the password in plain text:
ConvertTo-SecureString -String "myPlainTextPassword" -AsPlainText -Force
This is the $error variable, so it's basically says that I don't have anything in the password secure string variable because the convertion did not work for some reason:
The argument is null. Provide a valid value for the argument, and then try running the command again. Cannot process argument transformation on parameter 'Credential'. PromptForCredential Exception calling ".ctor" with "2" argument(s):
"Cannot process argument because the value of argument "password" is null. Change the value of argument "password" to a non-null value." The system cannot find the file specified. Exception calling "SecureStringToBSTR"
with "1" argument(s): "Value cannot be null. Parameter name: s" The system cannot find the file specified. Exception calling "SecureStringToBSTR" with "1" argument(s): "Value cannot be null. Parameter name: s"
The system cannot find the file specified.
So is there some known issue with SCOM Agent / management pack when you are dealing with convertto-securestring
function with encrypted passwords?
I used these methods to encrypt the password: Technet article about encryption

I got it to work!
<TypeDefinitions>
<EntityTypes>
<ClassTypes>
<ClassType ID="MyClass" Accessibility="Public" Abstract="false" Base="Windows!Microsoft.Windows.LocalApplication" Hosted="true" Singleton="false" Extension="false"
/>
</ClassTypes>
</EntityTypes>
<SecureReferences>
<SecureReference ID="MyRunAsAccountProfile" Accessibility="Public" Context="System!System.Entity" />
</SecureReferences>
<ScriptBody>param (
[string]$Username,
[string]$Password
$API = new-object -comObject "MOM.ScriptAPI"
$PropertyBag = $API.CreatePropertyBag()
$cred = New-Object System.Management.Automation.PSCredential -Argumentlist @($Username,(ConvertTo-SecureString -String $Password -AsPlainText -Force))
$s = New-PSSession -ComputerName "myserver" -Credential $cred
Invoke-Command -Session $s -ScriptBlock { $service = Get-Service -Name Spooler}
$invcom = Invoke-Command -Session $s -ScriptBlock { $service.status}
Remove-PSSession -Id $s.Id
if ($invcom.Value -ne "Running") {
$PropertyBag.AddValue("State","ERROR")
$outputLongLine = "Spooler Service is not running on target server!"
$PropertyBag.AddValue("Description", $outputLongLine)
else {
$PropertyBag.AddValue("State","OK")
$outputLongLine = "Spooler is Running on target server."
$PropertyBag.AddValue("Description", $outputLongLine)
$PropertyBag</ScriptBody>
<Parameters>
<Parameter>
<Name>Username</Name>
<Value>$RunAs[Name="MyRunAsAccountProfile"]/Domain$\$RunAs[Name="MyRunAsAccountProfile"]/UserName$</Value>
</Parameter>
<Parameter>
<Name>Password</Name>
<Value>$RunAs[Name="MyRunAsAccountProfile"]/Password$</Value>
</Parameter>

Setting Up Paypal Website Payments Pro Payment Gateway

Hello,
My customer is using Paypal Standard and the setup was straightforward and easy.
Now we are looking at using Paypal Website Payments Pro Payment Gateway because we want to accept paid Events Bookings.
My two questions:
The instructions to set up the Paypal Payment Gateway look straightforward. After I upgrade my Paypal account, I add the Username, Password, API Signature into my Business Catalyst website. Is that it? Will our shopping cart will continue to function like it has? Or are things more complicated than that? Or will I have to make other changes for the shopping cart system to work?
There is mention of setting up Cardinal Centinel. (We are not using recurring billing). I'm not really sure what the Cardinal Centinel is all about. Is that an important part of the setup of Paypal's Payment Gateway?
I'd like to be prepared before I start down this path.
Any advice would be appreciated.
Thank you,
Tricia

Some links that other people might find helpful about 3D Secure.
http://en.wikipedia.org/wiki/3-D_Secure
Setting up 3D secure

Unable to raise password expiry warning exception in OID using JAVA API

Hi,
We are maintaing the user information for our application in OID(9.2). During logon, it is required that a warning is given to the user according to the value set in "Password Expiration Warning" parameter.
A pl/sql program (using DBMS_LDAP/DBMS_LDAP_UTL packages) written to test password expiry raises the PWD_EXPIRE_WARN exception as expected. However we are unable to simulate the same using the JAVA APIs.
We did try some thing like the following:
public class SampleExpire {
public static void main(String argv[])
throws NamingException {
// Create InitialDirContext
InitialDirContext ctx = ConnectionUtil.getDefaultDirCtx( "TCS-UUODC4",
"4032",
"cn=orcladmin",
"welc0me" );
System.out.println("Hello");
// Create User Objects
User myuser = null,
try {
// Create User using a subscriber DN and the User DN
myuser = new User ( ctx,
Util.IDTYPE_DN,
"uid=C100013, ou=People, o=UUSD",
Util.IDTYPE_DN,
"ou=People, o=UUSD",
false );
catch ( UtilException e ) {
* Exception encountered in User object constructor
System.out.println("User creation failed");
// Authenticate User
try {
myuser.authenticateUser(ctx,User.CREDTYPE_PASSWD,"Z100013");
catch ( UtilException e ) {
* Authenticate fails
System.out.println("Authentication failed");
} // End of SampleExpire.java
The authenticate user does not raise any exception.
Am I missing something ?
Regards -
Adhiraj

Hi,
did you manage to solve this problem? Please let me know

How to change Analyzer user password with Administration API?

Hi, I would like to change Analyzer user password with Administration API. Can someone post some sample commands to do the task? I would just like to write an application to change end user's Analyzer password. As I see I would need to do the following: 1. login with admin userid/password 2. execute some method to change password for required userid. I think the input parameter should be userid (of the user I would like to change password) and new password (the new password for the user). 3. logout Can someone post some sample code (commands to execute)? Thanks, grofaty My system: Analyzer Server 7.0.1. Essbase server 7.1 Windows XP SP2 

<blockquote>quote: <hr>Originally posted by: knightrich Hello Mr. Jordan. I would like to exchange some thoughts about "housekeeping" Analyzer reports in preparation for migration from Analyzer 7.0.0.0.01472 to 9.x: ... Did you solved such a problem or do you have an idea if it could be solved with the Admin API methods? ... Migration from 7.00 to 9.x: As we heard last week the "Migration Wizard for Reports" in 9.3 should be able to migrate reports. Do you have experience or more detailed information about that Wizard? Many thanks in advance knigthrich<hr></blockquote> knighrich, I'd like to be more help, but I have no experience with System 9. I did substantial cleanup when we migrated from Analyzer 6 to Analyzer 7.1, and even more cleanup when moving up to 7.2, but our installation is smaller in scale than yours and we didn't need to automate report cleanup. You might be able to get the ownership information you need through the back door, doing a direct query on the database, but simpler might be an export users, at least from 7.0. (This facility probably doesn't exist in system 9; it was dropped in 7.2 in favor of an undocumented API) The export file is an xml file that could easily be parsed to identify reports that have the administrator as user and then a second pass to delete those with otuer ownership as well. As previously suggested, you might be able to get this by a well crafted SQL query against the repository. Procedurally, we have both public reports that have the blessing of management and are widely available, owned by a "public owner", and private reports developed by indivdual users and shared or not. Our team maintains the public reports, but not the private reports. We may be asked to make a previously private report public and take over maintenance of it. I hope that you can find a solution that meets your needs. Certainly a call to customer support to identify a poorly documented feature would be in order.

OIM 11g (OIMClient) API login without password

Hi,
Is it possible to login using OIMClient API with username only?
I would like to use a trusted web service to invoke the OIMClient API (using private key and username), this seems possible in the previous version of OIM, has anyone tried with 11g and how do you do it.
Alternatively is it possible to decrypt 11g password from a web service?
Thanks

Hi,
If you are looking for login to OIM using UserName/PrivateKey, refer the link below:
While login to OIM 11g using private key getting error
Regards,
Raghav.

Create a user through the API and "Prompt user to change password after next login".

Using the Adobe Connect Interface, I can create a user and check the checkbox to "Prompt user to change password after next login".
Can I achieve the same result using the API? The principal-update action doesn't offer such an option and, as far as I can tell, there isn't another action to do so either.
Thank you.

You can achieve it as part of your application functionality, but not as a configuration option on WLS.

Change password in Active Directory using the JNDI GSS-API/Kerberos

Hi
I am trying to the JNDI GSS-API to change a user password.
When I actually try to change the password using ctx.modifyAttributes(userName, mods), I get the exception:
09:39:38,163 ERROR [STDERR] javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0 ]; remaining name 'CN=USER,OU=Usuarios,DC=testead,DC=br'
Here's my java code:
public class ChangePasswordLDAPCommand implements Command {
 static Logger logger = Logger.getLogger(ChangePasswordLDAPCommand.class.getName());
 @SuppressWarnings("unchecked")
 public boolean execute(org.apache.commons.chain.Context context) throws ApplicationException {
 logger.info("Início - execute");
 try {
 CoreConfig config = CoreConfig.getInstance();
 String userName = config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_NAME);
 char[] password = config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_PASSWORD).toCharArray();
 Subject subject = new Subject();
 Krb5LoginModule krb5LoginModule = new Krb5LoginModule();
 Map<String, String> map = new HashMap<String, String>();
 Map<String, String> shared = new HashMap<String, String>();
 map.put("com.sun.security.auth.module.Krb5LoginModule","required");
 map.put("client","true");
 map.put("useTicketCache","true");
 map.put("doNotPrompt","true");
 map.put("useKeyTab","true");
 map.put("useFirstPass","true");
 map.put("refreshKrb5Config","true");
 logger.info(">>>>> map.toString(): "+map.toString());
 shared.put("javax.security.auth.login.name", config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_NAME));
 shared.put("javax.security.auth.login.password", config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_PASSWORD));
 shared.put("javax.net.debug","SSL,handshake,trustmanager");
 shared.put("sun.security.krb5.debug","true");
 shared.put("com.sun.jndi.ldap.connect.pool.timeout","30000");
 logger.info(">>>>> shared.toString(): "+shared.toString());
 krb5LoginModule.initialize(subject, new UserNamePasswordCallbackHandler(userName,password),shared,map);
 krb5LoginModule.login();
 if(krb5LoginModule.commit()){
 //Recupera o usuario a ser alterado
 UsuarioTOLDAP usuarioTO = (UsuarioTOLDAP) context.get(CoreConfig.USUARIO_TO_LDAP);
 logger.info(">>>>>>>>>>>>>>>>>>>>>> subject.toString(): "+subject.toString());
 Subject.doAsPrivileged(subject, new JndiAction(usuarioTO), null);
 } catch (LoginException e) {
 e.printStackTrace();
 } catch (PrivilegedActionException e) {
 e.printStackTrace();
 logger.info("Fim - execute");
 return Command.CONTINUE_PROCESSING;
@SuppressWarnings("unchecked")
public class JndiAction implements java.security.PrivilegedExceptionAction{
 private static Logger logger = Logger.getLogger(JndiAction.class.getName());
 private UsuarioTOLDAP usuarioTOLDAP = null;
 public JndiAction(UsuarioTOLDAP usuarioTO) {
 this.usuarioTOLDAP = usuarioTO;
 public Object run() {
 performJndiOperation(usuarioTOLDAP);
 return null;
 @SuppressWarnings("unchecked")
 private static void performJndiOperation(UsuarioTOLDAP usuarioTOLDAP){
 logger.info(">>>>> entrei na JndiOperation");
 try {
 CoreConfig config = CoreConfig.getInstance();
 String distinguishedName = "";
 String keystore = "C:/Documents and Settings/user/.keystore";
 System.setProperty(CoreConfig.JAVAX_NET_SSL_TRUSTSTORE,keystore);
 System.setProperty("com.sun.jndi.ldap.connect.pool.timeout","30000");
 System.setProperty("javax.net.debug","all");
 System.setProperty("sun.security.krb5.debug","true");
 Hashtable env = new Hashtable();
 env.put(Context.INITIAL_CONTEXT_FACTORY, CoreConfig.INITIAL_CONTEXT_FACTORY);
 env.put(Context.PROVIDER_URL, config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_URL));
 env.put(Context.SECURITY_AUTHENTICATION, CoreConfig.SECURITY_PROTOCOL_GSSAPI);
 env.put(Context.SECURITY_PRINCIPAL, config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_NAME));
 env.put(Context.SECURITY_CREDENTIALS, config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_ADMIN_PASSWORD));
 env.put(CoreConfig.JAVAX_NET_SSL_TRUSTSTORE,keystore);
 env.put("javax.security.sasl.qop","auth-int");
 env.put("javax.security.sasl.strength","high");
 env.put("javax.security.sasl.server.authentication","true");
 String userName = "CN=USER,"+config.getProperty(CoreConfig.PARAM_CONFIG_LDAP_BASE_DN);
 // Cria o contexto inicial de acesso ao LDAP
 //DirContext ctx = new InitialDirContext(env);
 // Create the initial directory context
 LdapContext ctx = new InitialLdapContext(env,null);
 //set password is a ldap modfy operation
 ModificationItem[] mods = new ModificationItem[1];
 //Replace the "unicdodePwd" attribute with a new value
 //Password must be both Unicode and a quoted string
 String newQuotedPassword = "\"" + usuarioTOLDAP.getNovaSenha() + "\"";
 byte[] newUnicodePassword = newQuotedPassword.getBytes("UTF-16LE");
 mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("unicodePwd", newUnicodePassword));
 // Perform the update
 ctx.modifyAttributes(userName, mods);
 ctx.close();
 } catch (NamingException e1) {
 e1.printStackTrace();
 } catch (UnsupportedEncodingException e) {
 e.printStackTrace();
 } catch (IOException e) {
 // TODO Auto-generated catch block
 e.printStackTrace();
}Edited by: c0m4nch3 on Jan 21, 2010 12:13 PM

Refer to my response for a similar question in http://forums.sun.com/thread.jspa?threadID=5416736
Also the following may be related: http://forums.sun.com/thread.jspa?threadID=5196192
Good luck.

"Password has expired" for user created via UME API

Hi,
I have written a service that processes new user accounts and uses the UME API to create them. The code works fine on my local Sneak Preview installation of EP6 SP16, allowing the created users to logon and forcing them to change their password on first login.
When I try and run this code on EP6 SP14 it completes without generating any exceptions but when I try and login I get the message "Password has expired" and cannot login or change the users password.
Does anyone know why?
I have the following UME settings for both servers:
ume.logon.security_policy.password_change_allowed = TRUE
ume.logon.security_policy.password_change_required = TRUE
ume.logon.security_policy.password_expire_days = 99999
The SP14 server also uses LDAP to authenticate users primarily and has the following setting:
ume.persistence.data_source_configuration = dataSourceConfiguration_ads_deep_readonly_db.xml
There are some other UME configuration differences but none that seem relevant to this problem.
Can anyone suggest what the problem might be?
Cheers,
Steve Archer

The Xp machine is fine acessing the mb
its the macbook that is having a problem accessing the xp machine coz it says that the password has expired
but there is no password for the user on the xp machine that i am trying to access from my mb
so that would be:
xp to mb = fine all working
mb to xp = password expired even though no password required for the xp user

Administrator API: Login to specific instance with username, password

1) How do I login to a specific instance of ColdFusion administrator with a username and password. The example I see everywhere is variations of:
adminObj = createObject("component","cfide.adminapi.administrator");
adminObj.login("password");
which appears to be based on no instances and not multiple administrators.
my goal is to log into a set of instances and assign datasources to each of them based on a csv file. I know how to do all that once logged in.
What I don't know how to do is log in!
Please help!
2) Is there an actual document anywhere that actually documents the administrator API? I have the help files that I suspect everyone has and they don't.
Thank you.

The way I did it was to create a directory under the cfide folder in a given instance and called the pages via http://server.blah.com:8301/cfide/blah/admin.cfm
Here's some example code of creating a datasource (I don't recall where I grabbed it from, it isn't mine - but it does work).

<cfset administratorService = CreateObject("component","CFIDE.adminapi.administrator")>
<cfset bIsLoggedIn = administratorService.Login(dsnpassword,dsnuser)>
<cfif bIsLoggedIn>
 <cfset datasourceService = createObject("component", "CFIDE.adminapi.datasource")>
 
 <cfif datasourceService.VerifyDSN(#dsName#) eq false>
 <cfset stArgs = StructNew()>
 <cfset stArgs.name = #dsName#>
 <cfset stArgs.database = #dbName#>
 <cfset stArgs.host = #dbServer#>
 <cfset stArgs.port = 1433>
 <cfset stArgs.driver = mssql>
 <cfset stArgs.selectmethod = datasource_selectmethod>
 <cfset stArgs.username = dbuser>
 <cfset stArgs.password = dbpassword>
 
 <cfset datasourceService.SetMSSQL(argumentCollection=stArgs)>
 </cfif>
</cfif> --->

MDM API Password questions...

Hi Guru's
I have some questions for which i am struggling to get the answeres on how MDM handles passwords using MDM's API's
1. Is there a COM API for management of MDM users? COM documentation that we have does not mention anything.
2. To avoid using any server side code, is it possible to remotely call the IF_MDM_ADMIN bapi through the RFC interface?
Regards
Vikrant M Kelkar..

Hi! What about using ABAP method "create_user":
CALL METHOD lr_api->mo_admin->create_user
EXPORTING
is_user_information = ls_user
IMPORTING
ev_new_user_id = lv_new_user.
ls_user holds user name and passw.
Refer to ABAP MDM API

Api or command to decode password

Hi,
I am trying to run an ODI Scenario using Java APIs(using the package oracle.odi.sdk.invocation).
I am creating OdiRepositoryConnection object and setting its parameters(odiusername,password,jdbc username,password).
I am able to run the scenario by using the invoke command of odiinvocation class.
But right now i have placed the unencoded password in the java code.
I want to use the encoded password for security reasons. But OdiRepositoryConnection object's setOdiPassword accepts un-encoded password.
Is there any other API method which accepts encoded password so that I can avoid embedding actual password in the code?
or is there some API/command to get the decoded password from encoded string?
Or any other secured approach that I can follow. Please help me.
Thanks!!
Edited by: Kumar Sushant on Nov 13, 2008 11:19 PM

Hi Kumar...
Take a look my at the last post in the thread
Retriving UNENCODED password for data server
You can use the same technique....
Does it work for you?

I need know API to get password

Hi,
I have a procedure to login public users to portal users like
PORTAL30.wwptl_login.login_url('user','PASSWORD','','url','');
but in this procedure I needed put the password hard-coded and when I need to change the user password I will have to change the procedure.
Somebody know a API to capture the password's user and pass this like parameter?
Thanks

Gloria,
Passwords are one-way hashed you cannot get them back in clear text.
Could you explain what you are trying to achieve?

Passing username and password while calling the simple HTTP API

Hi,
I want to execute a graph by calling the http api from a java code. However, this gives me a 401 unauthorized http error as I am not passing the username and password to the clover http url.
The following is the format of the constructed url. - http://<host>:<port>/clover/simpleHttpApi/graph_run?sandbox=<sandboxname>&graphID=graph/Baseline.grf&verbose=FULL
Can anyone suggest how to pass user credentials to this url.
Thanks

Brett,
Thanks for the response.
The idea is to run the baseline graph using the simple http api and get the run id of the job. Then I plan to call
this url - http://<host>:<port>/clover/simpleHttpApi/graph_status?runID=1310924&returnType=STATUS_TEXT&waitForStatus=FINISHED_OK by passing the obtained run ID of the previous job dynamically to this url. This status has to be read and printed on the screen. Now all this is easy to write using java and executing the java class using the JAVA EXECUTE component of Integrator ETL 3.1. My only problem is how do I pass the user credentials.
Thanks

Accessing the password store (PSTORE) via API

After having created portal users via API srcipt, we now would like to register users
for an external application programmatically.
I.e. we have a portal user and we know his account info ( user / passwd ) for the external application. Portal seems to store account infos for external applications in a "Password Store". So i am looking for an API to register portal users for external applications providing the known acount info,
i.e. sth. like
PSTORE.InsertExtAccount( PortalUser, ApplicationName, ExtUser, Extpasswd).
I had a look at http://www-sso.us.oracle.com/
but could not find API description or any hints when an API like that will go production.
Can anyone help me with that issue ?
Thanks a lot.
null

This is probably the wrong forum for this question - I would try the 9iAS Portal forum.

Password API

Similar Messages

Maybe you are looking for