Locking Account at runtime [message #198609] |
Tue, 17 October 2006 23:33 |
kc1982
Messages: 13 Registered: October 2006
|
Junior Member |
|
|
Hi, I set the failed_login_attemt as 5 in user profile like below
-- Create profile
create profile COMM_USER limit
failed_login_attempts 5
password_life_time 30
password_reuse_time 360
password_reuse_max unlimited
password_lock_time unlimited
password_grace_time 15
password_verify_function SF_PWD_VER;
-- Add users to profile
alter user cas profile NOPASS_USER;
However, i would like to lock an user account after 3 consecutive unsuccessful login. Here is my code in procedure..
Procedure invalid_logon Is
ddl_statement varchar2(200);
BEGIN
.....
.....
.....
If :global.attempt_indicator='N' and :global.attempt_counter=0 THEN
display_invalid(:global.msg_cannot_logon);
:global.attempt_indicator:='Y';
:global.attempt_counter:=1;
raise form_trigger_failure;
Elsif :global.attempt_indicator='Y' and :global.attempt_counter=1 THEN
display_invalid(:global.msg_max_logon_attempt);
:global.attempt_indicator:='Y';
:global.attempt_counter:=2;
raise form_trigger_failure;
Elsif :global.attempt_indicator='Y' and :global.attempt_counter=2 THEN
ddl_statement := 'alter user '||upper(:bk_control.user)||' account lock';
Forms_DDL(ddl_statement);
IF NOT Form_Success THEN
message(Dbms_Error_Code);
ELSE
message('Lock Succeeded! ');
END IF;
display_invalid(:global.tmessages_075);
:global.attempt_indicator:='N';
:global.attempt_counter:=0;
raise form_trigger_failure;
End If;
....
....
....
END
the Forms_DLL() function can execute successfully, but the user account is still not locked at the 3rd attempt, when i check the database. Anyone can help please? FYI, i am using the Form Builder ver6.
Thanks
[Updated on: Wed, 18 October 2006 00:28] Report message to a moderator
|
|
|
|
|
Re: Locking Account at runtime [message #199056 is a reply to message #198609] |
Thu, 19 October 2006 21:06 |
kc1982
Messages: 13 Registered: October 2006
|
Junior Member |
|
|
I missed out something which is no connection to the database.
Because that is a logon form, and when a user failed to login at 3 consecutive attempts, the user will be locked. Forms_DLL will execute 'alter user account lock' DDL statement, however, since the user fails to make connection to the database, system can not update the data into database, as there is no connection. So what i do is to write a procedure which temporarily logon as sysdba and logout the system after executing the DDL statement.
Hope you guys understand and sorry for my english
|
|
|