Fine tuning your search parameters might help. :)
The first hit on: ORA-28003 "alter user" "identified by" 8.1 brought up ML note *242668.1 *which explains what is happening.
Jared**
Jared,
Metalink was very helpfull. It said that the new password did not pass the verification function.
Peter Schauss
------------------------------ *From:* Jared Still [mailto:jkstill@xxxxxxxxx] *Sent:* Wednesday, May 10, 2006 3:39 PM *To:* Schauss, Peter *Cc:* oracle-l@xxxxxxxxxxxxx *Subject:* Re: Password verification function
I just tried your code on an 8.1.7.4 database.
Changing password via the 'password' command works fine, however using 'alter user USERNAME identified by PASSWORD' did not work, raising an ORA-28003.
Perhaps a perusal of MetaLink is in order?
Jared
On 5/10/06, oracle-l-bounce@xxxxxxxxxxxxx <oracle-l-bounce@xxxxxxxxxxxxx> wrote: > > One further data point. I took the Oracle-supplied code and stripped > out everything except the part which checks that the password is not the > same as the userid. If I log in as a regular user, and try to change > the password I get ORA-28003 regardless of what I enter. If I connect > as system and try to change the password to equal the username, I get > ORA-28003 followed by the expected error code and message from > raise_application_error. > > Is this a privilege problem that I am dealing with? > > Here is my code: > > ------------------------------------------------------------------------ > ------------ > create or replace function dummy_pw_verify > (username varchar2, > password varchar2, > old_password varchar2) > return boolean is > BEGIN > if nls_lower(password) = nls_lower(username) then > raise_application_error(-20001, 'Password same as > username'); > end if; > return(true); > end; > > ------------------------------------------------------------------------ > ------------- > > Thanks, > Peter Schauss > > > > -----Original Message----- > From: oracle-l-bounce@xxxxxxxxxxxxx > [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Schauss, Peter > Sent: Wednesday, May 10, 2006 2:24 PM > To: oracle-l@xxxxxxxxxxxxx > Subject: Password verification function > > I am trying to implement some simple password complexity rules by adding > a password verification function to the default profile. I am using > Oracle's sample code (utlpwdmg.sql) as a starting point. Looking at the > code, I can see that it raises application errors (-20001, -20002 ...) > for things like a password which is the same as the user name, password > too short, etc. When I try to change a password, however, all I get is > the generic ORA-28003 error, even when I try a password which, I > believe, should pass. What am I missing here? > > Environment: Oracle 8.1.7.4 with the cpuJan2006 patches, AIX 5.3. > > Thanks, > Peter Schauss > -- > //www.freelists.org/webpage/oracle-l > > > -- > //www.freelists.org/webpage/oracle-l > > >
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist
-- Jared Still Certifiable Oracle DBA and Part Time Perl Evangelist