Reset Oracle Single Sign-On password
As of Oracle Portal Release 10.1.4, there’s a standard procedure to allow users to reset their password.
In order to get this thing working, users will have to provide a “Password Reset Hint” and an “Answer to Password Reset Hint” in their profile. This can be achieved through http://infra_host/oiddas/ui/oracle/ldap/das/mypage/ChgPwdMyPage.
When this information is submitted to the LDAP server, users can use http://infra_host/oiddas/ui/oracle/ldap/DASStep1ResetPwd to reset their password.
Oracle Web Service Manager
Another environment we should get familiar with…
The Oracle Web Service Manger will enable you to implement security without modifications to the existing Web Services, it will as a matter of fact create a gateway through which you access existing services.
Every service you register to the gateway will be made available through a new service URL and you can modify the security, logging or content validation of the service by using the Oracle Web Service Manger. You can, for instance, change the way a request is handled by adding additional steps to the request processing.
By default a request “pipeline” (that’s how the different steps in the processing are called) will write log information to the database. This pipeline can be extended without coding by adding different pipeline steps. During the workshop we added steps to extract credentials from the HTTP Request (or SOAP envelope), authenticate to a LDAP Directory and authorize using service roles which are defined in the LDAP Directory.
All of this was configured and tested within 5 minutes!!
I’m looking forward to the production release of Oracle Web Service Manager because sometimes we had to “stop and start all services” to work around some strange behaviour…