Forms-Related Documentation Issues
The following description of adding a password confirmation challenge to forms is missing from this chapter: (ID-7604)
You can use the RequiresChallenge form property to add a password confirmation challenge to select forms. When this feature is enabled, Identity Manager will challenge the currently logged-in administrator for his password before processing a request. The forms that supporting this option include:
userForm (Tabbed User Form, Wizard User Form, Default User form)
changePassword (by default, Change User Password form)
resetPassword (by default, Reset User Password form)
The property is specified different for each of the forms.
Setting the RequiresChallenge Property for User Forms
To add a password confirmation challenge to a user form, add the following RequiredElement element as shown below, with substitutions for password, email, and fullname:
<Property name='RequiredChallenge'>
<List>
<String>password</String>
<String>email</String>
<String>fullname</String>
</List>
</Property>
|
The value of the property is a list of one or more of the following User view attribute names: applications, adminRoles, assignedLhPolicy, capabilities, controlledOrganizations, email, firstname, fullname, lastname, organization, password, resources, roles.
Setting the RequiresChallenge Property for Change Password and Reset Password Forms
To add a password confirmation challenge to either a changePassword or resetPassword form, add the following <RequiresChallenge> element as shown below, with substitutions for password, email, and fullname:
<Property name='RequiresChallenge' value='true'/>
where the value of the property can be either "true" or "false".
If the property is set to "true" in the form, Identity Manager will challenge the current administrator who is requesting the change to enter the password he used to log in to Lighthouse. If the challenge is not successful (that is, the current administrator's password is not entered), Identity Manager will not permit the change. If the challenge is successful, Identity Manager will permit the change request to proceed. Both password management forms support the use of the 'RequiresChallenge' form property. When this property is set to true, the user is prompted to enter the old password after specifying the new password.
Overriding Version Information
You can create two custom message catalog keys that prevent Identity Manager from displaying the version information when a user places the cursor over the help button. The UI_END_USER_VERSION key hides the version information on the end user interface, while the UI_VERSION key is used by the administrator interface.
Setting the value of the key to the empty string prevents any version information from being displayed.
The following example disables version information for both interfaces.
<Waveset>
<Configuration name="sampleCustomCatalog">
<Extension>
<CustomCatalog id="defaultCustomCatalog" enabled="true">
<MessageSet language="en" country="US">
<Msg id="UI_END_USER_VERSION"></Msg>
<Msg id="UI_VERSION"></Msg>
</MessageSet>
</CustomCatalog>
</Extension>
</Configuration>
</Waveset>
Other Forms-Related Issues
The "Forms" chapter is missing the following discussion: (ID-18869)
By default there are two implementations of the change password form:
The End User Password Change form is the default password change form. It presents a simple set of fields with which the user can change their password. The password policies for all resources that are assigned to the user are aggregated and summarized, and Identity Manager applies the password change to all assigned resources.
The Basic Change Password Form is present in both the Administrator and User Interfaces. It provides information about the resources that are assigned to the user and allows the user to individually select on which resources Identity Manager will change the password.
Both password management forms support the use of the 'RequiresChallenge' form property. When this property is set to true, the user is prompted to enter the old password after specifying the new password.
- © 2010, Oracle Corporation and/or its affiliates