CGI script which goes in like a DBA and fixes the password.
On 02/23/2004 04:11:58 PM, "Vergara, Michael (TEM)" wrote:
> What I am trying to do seems so simple that I still cannot
> believe I'm not done yet!
>
> I want to build a web page where a 'normal' (non-privileged)
> user can go, enter his/her login, see a list of the DB's
> where he/she has an account, enter a new password, click a
> checkbox (or -boxes), and have the web page call a <Choose-
> the-utility-here> routine to go out and update the user's
> password on the selected DBs.
>
> I can do everything except get the DB update to work.
>
> There's no daemon. This is intended to be an on-demand
> utility. There's a central server/instance that has
> definitions to all the DBs in the TNSNAMES.ORA file. From
> this DB I harvest the user logins nightly, to build the list
> to present to the user. I *know* I can connect, although to
> do the harvest I create a temporary database link, instead of
> using Java or whatever.
>
> It's the silly step of changing the password. The problem is
> that the user may wait until after the p/w has expired, so they
> cannot log in. I found the OCINewPassword routine will do a
> password change even on a expired login. But ARG! This is
> the second (or is it third) method I've tried and they have all
> had one kind of issue or another.
>
> Any more suggestions?
>
> Thanks,
> Mike
>
>
> -----Original Message-----
> From: Mladen Gogala [mailto:mladen_at_wangtrading.com]
> Sent: Monday, February 23, 2004 12:21 PM
> To: oracle-l_at_freelists.org
> Subject: Re: Slightly OT: Java in the DB
>
>
> Exactly what are you trying to do? For having a daemon (or demon,
> for that matter) lurking in the darnkness of the central server and
> resetting expired passwords, the daemon needs to maintain a permanent
> connection with sufficient privileges to change any user's password,
> typically, a dba connection. If your DBA doesn't use profiles, with
> the idle time limitation, you can have a permanently connected process
> which would change password as soon as it was signalled to him. The
> question is: what would the password be changed to? There are strings
> which are extremely hard tu guess (username, "qwerty", "password", "tiger")
> and which would make your username secure. At one of my places of
> work, I've witnessed the following story: a tech support expert leaves
> a unix worsktation logged in, as root, and goes home at 6 PM, when cleaning
> ladies entered the office. One of the cleaning ladies had a 14 years old
> son which wanted to check the old joke with "rm -rf /". He found out
> that it really does destroy everything on a unix system. Now, you are absent,
> your password expires at 7 P.M. and there is an eager help desk person who
> wants to test "drop tablescpace FIN_DATA including contents and datafiles
> cascade constraints" that he or she has seen written somewhere. I'll leave
> the rest of the story to you.
>
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> ----------------------------------------------------------------
> To unsubscribe send email to: oracle-l-request_at_freelists.org
> put 'unsubscribe' in the subject line.
> --
> Archives are at http://www.freelists.org/archives/oracle-l/
> FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
> -----------------------------------------------------------------
>
Please see the official ORACLE-L FAQ:
http://www.orafaq.com
To unsubscribe send email to: oracle-l-request_at_freelists.org
put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Received on Mon Feb 23 2004 - 15:14:08 CST
