test

Oracle Waveset 8.1.1 Business Administrator's Guide

Challenging Administrator Actions

Waveset can be configured to prompt administrators for a password before processing certain account changes. If authentication fails, then the account changes will be cancelled.

There are three forms that administrators can use to change user passwords. These are the Tabbed User form, the Change User Password form, and the Reset User Password form. To ensure that administrators are required to enter their password before Waveset processes user account changes, be sure to update all three forms.

ProcedureTo Enable the Challenge Option for Tabbed User Forms

To require a password challenge on the Tabbed User form, follow these steps.

  1. In the Administrator interface, open the Waveset debug page (The Waveset Debug Page) by typing the following URL into your browser. (You must have the Debug capability to open this page.)

    http://<AppServerHost>:<Port>/idm/debug/session.jsp

    The System Settings page (Waveset debug page) opens.

  2. Find the List Objects button, select UserForm from the drop-down menu, then click the ListObjects button.

    The List Objects of type: UserForm page opens.

  3. Locate the copy of the Tabbed User Form that you have in production and click edit. (The Tabbed User Form distributed with Waveset is a template and should not be modified.)

  4. Add the following code snippet inside the <Form> element:


    <Properties>
  <Property name=’RequiresChallenge’>
    <List>
      <String>password</String>
      <String>email</String>
      <String>fullname</String>
    </List>
  </Property>
</Properties>

    The property value is a list that can contain one or more of the following user view attribute names:

    • applications

    • adminRoles

    • assignedLhPolicy

    • capabilities

    • controlledOrganizations

    • email

    • firstname

    • fullname

    • lastname

    • organization

    • password

    • resources

    • roles

  5. Save your changes.

ProcedureTo Enable the Challenge Option for Change User Password and Reset User Password Forms

To require a password challenge on the Change User Password and Reset User Password forms, follow these steps:

  1. In the Administrator interface, open the Waveset debug page (The Waveset Debug Page) by typing the following URL into your browser. (You must have the Debug capability to open this page.)

    http://<AppServerHost>:<Port>/idm/debug/session.jsp

    The System Settings page (Waveset debug page) opens.

  2. Locate the List Objects button, select UserForm from the drop-down menu, then click the ListObjects button.

    The List Objects of type: UserForm page opens.

  3. Locate the copy of the Change Password User Form that you have in production and click edit. (The Change Password User Form distributed with Waveset is a template and should not be modified.)

  4. Locate the <Form> element, then go to the <Properties> element.

  5. Add the following line inside the <Properties> element and save your changes.

    <Property name=’RequiresChallenge’ value=’true’/>

  6. Repeat steps 3 - 5, except edit the copy of the “Reset User Password Form” that you have in production.