Re: Changing Oracle passwords by end users

From: Dave Jordan <jordan_at_pt5026.pto.ford.com>
Date: 21 Dec 1994 13:19:07 GMT
Message-ID: <3d9a0b$8jt_at_eccdb1.pms.ford.com>

Jonathan Lewis wrote:

>Re: changing Oracle passwords in a 'unix-like' way.

>I assume the major problem in your mind is how you avoid
>getting the user to a position where they are stuck
>without a logon.

>One approach (based on something I once did for v6) is as follows:
>Create a package that does all the serious work.
>This package should be owned by SYS, and execute rights
>given to a suitable role so that end-users can execute it.

>The critical function in the package should accept the
>users Oracle id, the old password and the new password;
>the steps are then:

>select encoded password from user$ into memory;
>alter user identified by old_password;
>select encoded password from user$ into memory;

>compare the two encoded values: if they match proceed.
>if they do not match, issue:
>alter user XXX identified by values :old_encoded_password;

                              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

I don't see this syntax in the SQL Language Reference Manual. Wouldn't the old encoded password be encoded yet again? You would have to unencode it first before reusing it - unless you meant to force it back into the data dictionary without the alter user command.

David Jordan

> to put the password back to what it was.

>Then do the
>alter user XXX identified by :new_password;
Received on Wed Dec 21 1994 - 14:19:07 CET

This message: [ Message body ]
Next message: Jimmy Cheong: "Re: [Q] Distributed instance queries?"
Previous message: Ravi Kumar: "Re: Looking for an inexpensive ER drawing tool"
Maybe in reply to: schaaph: "Changing Oracle passwords by end users"
In reply to Jonathan Lewis: "Re: Changing Oracle passwords by end users"
Next in thread: Jimmy Cheong: "Re: [Q] Distributed instance queries?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message