Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Allowing users to update expired Oracle 8 passwords in V
Message
De
12/07/2000 09:30:34
Mark McCasland
Midlothian, Texas, États-Unis
 
 
À
11/07/2000 21:59:57
David Greenberg
Mesa Vista Software
Oak Ridge, Tennessie, États-Unis
Information générale
Forum:
Oracle
Catégorie:
Autre
Titre:
Re: Allowing users to update expired Oracle 8 passwords in V
Divers
Thread ID:
00391054
Message ID:
00391180
Vues:
23
Tim is close to what I had to do.

What I did was have our Oracle DBA grant ALTER USER PRIV to my schema owner. This also means that I have to compile the schema owner password into the method that changes the user's password. I handle this by using a constant in my DEFAULTS.H file. So if I have to change the password for the schema owner, I just change it in the DEFAULTS.H file and recompile the app. I then copy the app to the server where my app launcher will find it and copy it to each user's installation directory.

In my example above, if I get [Oracle] error 28001, I then immediately instanciate a change password form [modal] class. This is a different form from the user login form. Once the user enters and confirms a new password that is different from the password they entered on the regular login form, I connect as the schema owner and issue an ALTER USER command. All of this is done with SQLConnectString and SQLExec.

The following code is called by the click method of my normal login form's OK button. I called the method mCheckExpired.
local lcUser, lcPass, lnHandle
lcUser = alltrim(upper(This.txtUserName.Value))
lcPass = alltrim(upper(This.txtPassword1.Value))
lnHandle = SQLStringConnect('Driver=Microsoft ODBC for Oracle;UID=' + lcUser ;
		 + ';PWD=' + lcPass + ';CONNECTSTRING=reg6;')
if lnHandle > 0
	SQLDisconnect(lnHandle)
	return .t.   && password has not expired
endif
local lnRetVal
local array laConnectError[1,1]
lnRetVal = aerror(laConnectError)   && lnRetVal = 3 for me
if lnRetVal < 1    && this should never be true at this point but what the heck
	return .f.
endif
if laConnectError[1,1] = 1526 and laConnectError[1,5] = 28001
	*!* ODBC error and Password Expired Error. Do nothing here.
else
	return .f.
endif
local oNewPass
oNewPass = newobject('NewPassword', 'appclass.vcx')
oNewPass.Show()
if oNewPass.lCanceled
	oNewPass.Release()
	return .f.
endif
lcPass = alltrim(oNewPass.txtNewPass1.Value)
oNewPass.Release()

lnHandle = SQLStringConnect('Driver=Microsoft ODBC for Oracle;UID=NPDES;PWD=' + NPDES_PASSWORD + ';CONNECTSTRING=reg6;')
if lnHandle < 1
	return .f.
endif
local lcSQL
lcSQL = 'alter user ' + lcUser + ' identified by ' + lcPass
lnRetVal = SQLExec(lnHandle, lcSQL)
SQLDisconnect(lnHandle)
if lnRetVal < 1
	return .f.
endif
** Next, replace the normal login form's [old] password
** with the new password which the click method uses to login
ThisForm.txtPassword1.Value = lcPass
MessageBox("Your password change was successful.", MB_ICONINFORMATION, "Notice...")
return .t.
After this point, my ususal login form completes the login using the new password without the user having to do anything else. If mCheckExpired returns FALSE, the click method stops and just returns to the login form for the user to either try again or cancel login.

Of course, all of this can be avoided if we could pass a new password with the SQLConnect or SQLStringConnect if we get an error the first time. I do not think this is yet possible.
Mark McCasland
Midlothian, TX USA
Précédent
Suivant
Répondre
Fil
Voir

Click here to load this message in the networking platform