Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Slightly OT: Java in the DB

Re: Slightly OT: Java in the DB

From: Mladen Gogala <>
Date: Mon, 23 Feb 2004 16:16:55 -0500
Message-ID: <>

CGI script which goes in like a DBA and fixes the password.

On 02/23/2004 04:11:58 PM, "Vergara, Michael (TEM)" wrote:
> What I am trying to do seems so simple that I still cannot
> believe I'm not done yet!
> I want to build a web page where a 'normal' (non-privileged)
> user can go, enter his/her login, see a list of the DB's
> where he/she has an account, enter a new password, click a
> checkbox (or -boxes), and have the web page call a <Choose-
> the-utility-here> routine to go out and update the user's
> password on the selected DBs.
> I can do everything except get the DB update to work.
> There's no daemon. This is intended to be an on-demand
> utility. There's a central server/instance that has
> definitions to all the DBs in the TNSNAMES.ORA file. From
> this DB I harvest the user logins nightly, to build the list
> to present to the user. I *know* I can connect, although to
> do the harvest I create a temporary database link, instead of
> using Java or whatever.
> It's the silly step of changing the password. The problem is
> that the user may wait until after the p/w has expired, so they
> cannot log in. I found the OCINewPassword routine will do a
> password change even on a expired login. But ARG! This is
> the second (or is it third) method I've tried and they have all
> had one kind of issue or another.
> Any more suggestions?
> Thanks,
> Mike
> -----Original Message-----
> From: Mladen Gogala []
> Sent: Monday, February 23, 2004 12:21 PM
> To:
> Subject: Re: Slightly OT: Java in the DB
> Exactly what are you trying to do? For having a daemon (or demon,
> for that matter) lurking in the darnkness of the central server and
> resetting expired passwords, the daemon needs to maintain a permanent
> connection with sufficient privileges to change any user's password,
> typically, a dba connection. If your DBA doesn't use profiles, with
> the idle time limitation, you can have a permanently connected process
> which would change password as soon as it was signalled to him. The
> question is: what would the password be changed to? There are strings
> which are extremely hard tu guess (username, "qwerty", "password", "tiger")
> and which would make your username secure. At one of my places of
> work, I've witnessed the following story: a tech support expert leaves
> a unix worsktation logged in, as root, and goes home at 6 PM, when cleaning
> ladies entered the office. One of the cleaning ladies had a 14 years old
> son which wanted to check the old joke with "rm -rf /". He found out
> that it really does destroy everything on a unix system. Now, you are absent,
> your password expires at 7 P.M. and there is an eager help desk person who
> wants to test "drop tablescpace FIN_DATA including contents and datafiles
> cascade constraints" that he or she has seen written somewhere. I'll leave
> the rest of the story to you.
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ:
> ----------------------------------------------------------------
> To unsubscribe send email to:
> put 'unsubscribe' in the subject line.
> --
> Archives are at
> FAQ is at
> -----------------------------------------------------------------

Please see the official ORACLE-L FAQ:

To unsubscribe send email to: put 'unsubscribe' in the subject line.
Archives are at
FAQ is at
Received on Mon Feb 23 2004 - 15:14:08 CST

Original text of this message