CGI script which goes in like a DBA and fixes the password. On 02/23/2004 04:11:58 PM, "Vergara, Michael (TEM)" wrote: > What I am trying to do seems so simple that I still cannot > believe I'm not done yet! > > I want to build a web page where a 'normal' (non-privileged) > user can go, enter his/her login, see a list of the DB's > where he/she has an account, enter a new password, click a > checkbox (or -boxes), and have the web page call a <Choose- > the-utility-here> routine to go out and update the user's > password on the selected DBs. > > I can do everything except get the DB update to work. > > There's no daemon. This is intended to be an on-demand > utility. There's a central server/instance that has > definitions to all the DBs in the TNSNAMES.ORA file. From > this DB I harvest the user logins nightly, to build the list > to present to the user. I *know* I can connect, although to > do the harvest I create a temporary database link, instead of > using Java or whatever. > > It's the silly step of changing the password. The problem is > that the user may wait until after the p/w has expired, so they > cannot log in. I found the OCINewPassword routine will do a > password change even on a expired login. But ARG! This is > the second (or is it third) method I've tried and they have all > had one kind of issue or another. > > Any more suggestions? > > Thanks, > Mike > > > -----Original Message----- > From: Mladen Gogala [mailto:mladen@xxxxxxxxxxxxxxx] > Sent: Monday, February 23, 2004 12:21 PM > To: oracle-l@xxxxxxxxxxxxx > Subject: Re: Slightly OT: Java in the DB > > > Exactly what are you trying to do? For having a daemon (or demon, > for that matter) lurking in the darnkness of the central server and > resetting expired passwords, the daemon needs to maintain a permanent > connection with sufficient privileges to change any user's password, > typically, a dba connection. If your DBA doesn't use profiles, with > the idle time limitation, you can have a permanently connected process > which would change password as soon as it was signalled to him. The > question is: what would the password be changed to? There are strings > which are extremely hard tu guess (username, "qwerty", "password", "tiger") > and which would make your username secure. At one of my places of > work, I've witnessed the following story: a tech support expert leaves > a unix worsktation logged in, as root, and goes home at 6 PM, when cleaning > ladies entered the office. One of the cleaning ladies had a 14 years old > son which wanted to check the old joke with "rm -rf /". He found out > that it really does destroy everything on a unix system. Now, you are absent, > your password expires at 7 P.M. and there is an eager help desk person who > wants to test "drop tablescpace FIN_DATA including contents and datafiles > cascade constraints" that he or she has seen written somewhere. I'll leave > the rest of the story to you. > > ---------------------------------------------------------------- > Please see the official ORACLE-L FAQ: http://www.orafaq.com > ---------------------------------------------------------------- > To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx > put 'unsubscribe' in the subject line. > -- > Archives are at //www.freelists.org/archives/oracle-l/ > FAQ is at //www.freelists.org/help/fom-serve/cache/1.html > ----------------------------------------------------------------- > ---------------------------------------------------------------- Please see the official ORACLE-L FAQ: http://www.orafaq.com ---------------------------------------------------------------- To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put 'unsubscribe' in the subject line. -- Archives are at //www.freelists.org/archives/oracle-l/ FAQ is at //www.freelists.org/help/fom-serve/cache/1.html -----------------------------------------------------------------