Index: Date Index | Thread Index

[Date Prev] | [Date Next] | [Thread Prev] | [Thread Next]

[OAUGNetDBA]-Re: customize password validation

Didn't encounter any customer who had this java API implemented for
additional password complexity.
Following profiles had taken care most of their needs

Signon Password Case - enables to use upper and lower case chars
Signon Password Failure Limit - control number unsuccessful login attempts
Signon Password Hard To Guess - checks for atlease one char & one number,
doesn't contain username and no repeating charecters
Signon Password Length - minimum length of the  password
Signon Password No Reuse - number of days before which one cannot reuse an
old password

Password Expire section in user - define form, to make passwords expire


Vasu Balla
Apps DBA - The Pythian Group
www.pythian.com
-----Original Message-----
From: OAUG Net DBA listserver [mailto:OAUGNetDBA@oaug.com] On Behalf Of
Ramana Kallepalli
Sent: Tuesday, August 26, 2008 4:51 AM
To: OAUG Net DBA listserver
Subject: [OAUGNetDBA]-Re: customize password validation

Being a leading Bank in middle east our audit and security policies are
stringent and this is driven by our internal audit/risk teams. The Oracle
security best practices doc says,

To customize password validation create a Java class that implements the
oracle.apps.fnd.security.
PasswordValidation Java interface. The interface requires three methods:
1. public boolean validate(String user, String password This method takes a
username and password, and returns True or False, indicating whether the
user's password is valid or invalid, respectively.
2. public String getErrorStackMessageName() This method returns the name of
the message to display when the user's password is deemed invalid (i.e., the
validate() method returns False).
3. public String getErrorStackApplicationName() This method returns the
application short name for the aforementioned error message.

---------------------------------------------------

Looking at this procedure it sounds like password validation can be done
without Oracle SSO implementation.  I was wondering if anyone is using this
option ...

Regards,
Ramana



On 8/25/08, Doug Sparks <DSparks@vical.com> wrote:
> Is there an overwhelming reason in your environment that the password
policies need to be identical(i.e. SSO)?  Or is this driven by a SOX audit?
Perhaps you could use a single password policy for the organization that
contains your general password rules and then notes limitations on specific
applications.
>
> Regards,
>
> Doug Sparks
>
>
> -----Original Message-----
> From: OAUG Net DBA listserver [mailto:OAUGNetDBA@oaug.com] On Behalf 
> Of Ramana Kallepalli
> Sent: Monday, August 25, 2008 1:54 AM
> To: OAUG Net DBA listserver
> Subject: [OAUGNetDBA]-customize password validation
>
> Hi,
>
> We are runnng R12 (12.0.4) and our EBS password policy is not in 
> accordance with Windows password policy. As per note 403537.1 we can 
> customize Password Validation. Does anyone using customize password 
> validation option? Appreciate any reference to metalink notes or 
> example java classess in this regard.
>
> Thanks in advance for your feedback.
>
>
> Notice:  This e-mail message, together with any attachments, contains
information of Vical Incorporated (San Diego, California, USA) that may be
confidential, proprietary copyrighted and/or legally privileged, and is
intended solely for the use of the individual or entity named on this
message.  If you are not the intended recipient, and have received this
message in error, please notify us immediately by reply e-mail and then
delete it from your system.
>
> #############################################################
> This message is sent to you because you are subscribed to the mailing list
<OAUGNetDBA@oaug.com>.
> To unsubscribe, E-mail to: <OAUGNetDBA-off@oaug.com> To switch to the 
> FEED mode, send any message to <OAUGNetDBA-feed@oaug.com> To switch to 
> the DIGEST mode, E-mail to <OAUGNetDBA-digest@oaug.com> To switch to 
> the INDEX mode, E-mail to <OAUGNetDBA-index@oaug.com> Send 
> administrative queries to  <OAUGNetDBA-request@oaug.com>
>
>


--
Regards

Ramana Kallepalli

#############################################################
This message is sent to you because you are subscribed to the mailing list
<OAUGNetDBA@oaug.com>.
To unsubscribe, E-mail to: <OAUGNetDBA-off@oaug.com> To switch to the FEED
mode, send any message to <OAUGNetDBA-feed@oaug.com> To switch to the DIGEST
mode, E-mail to <OAUGNetDBA-digest@oaug.com> To switch to the INDEX mode,
E-mail to <OAUGNetDBA-index@oaug.com> Send administrative queries to
<OAUGNetDBA-request@oaug.com>


#############################################################
This message is sent to you because you are subscribed to the mailing list <OAUGNetDBA@oaug.com>.
To unsubscribe, E-mail to: <OAUGNetDBA-off@oaug.com>
To switch to the FEED mode, send any message to <OAUGNetDBA-feed@oaug.com>
To switch to the DIGEST mode, E-mail to <OAUGNetDBA-digest@oaug.com>
To switch to the INDEX mode, E-mail to <OAUGNetDBA-index@oaug.com>
Send administrative queries to  <OAUGNetDBA-request@oaug.com>
  • Prev by Date: [OAUGNetDBA]-Re: Oracle Apps storage solutions
  • Next by Date: [OAUGNetDBA]-Re: customize password validation
  • Previous by thread: [OAUGNetDBA]-Re: customize password validation
  • Next by thread: [OAUGNetDBA]-Re: customize password validation

    • Index: Date Index | Thread Index

    Thank you for using the OAUG Listserver Archive.