I just tried your code on an 8.1.7.4 database.
Changing password via the 'password' command works fine, however using 'alter user USERNAME identified by PASSWORD' did not work, raising an ORA-28003.
Perhaps a perusal of MetaLink is in order?
Jared
On 5/10/06, oracle-l-bounce@xxxxxxxxxxxxx <oracle-l-bounce@xxxxxxxxxxxxx> wrote:
One further data point. I took the Oracle-supplied code and stripped out everything except the part which checks that the password is not the same as the userid. If I log in as a regular user, and try to change the password I get ORA-28003 regardless of what I enter. If I connect as system and try to change the password to equal the username, I get ORA-28003 followed by the expected error code and message from raise_application_error.
Is this a privilege problem that I am dealing with?
Here is my code:
------------------------------------------------------------------------ ------------ create or replace function dummy_pw_verify (username varchar2, password varchar2, old_password varchar2) return boolean is BEGIN if nls_lower(password) = nls_lower(username) then raise_application_error(-20001, 'Password same as username'); end if; return(true); end;
------------------------------------------------------------------------ -------------
Thanks, Peter Schauss
-----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Schauss, Peter Sent: Wednesday, May 10, 2006 2:24 PM To: oracle-l@xxxxxxxxxxxxx Subject: Password verification function
I am trying to implement some simple password complexity rules by adding a password verification function to the default profile. I am using Oracle's sample code (utlpwdmg.sql) as a starting point. Looking at the code, I can see that it raises application errors (-20001, -20002 ...) for things like a password which is the same as the user name, password too short, etc. When I try to change a password, however, all I get is the generic ORA-28003 error, even when I try a password which, I believe, should pass. What am I missing here?
Environment: Oracle 8.1.7.4 with the cpuJan2006 patches, AIX 5.3.
Thanks, Peter Schauss -- //www.freelists.org/webpage/oracle-l
-- //www.freelists.org/webpage/oracle-l
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist