OpenSSO Enterprise provides plug-ins for the Password Reset service. When a user wants to reset their password, the following occurs:
The Password Reset service prompts the user for a userID and for the answer to an individualized security question.
The Password Reset service calls the NotifyPassword.java plug-in. This plug-in notifies the administrator that a user password is being reset.
The Password Reset service then calls the PasswordGenerator.java plug-in. This plug-in generates a new user password based on the developer's specification. If no plug-in is defined, OpenSSO Enterprise generates a random-string password.
You must define the plug-ins using the Password Reset module in the OpenSSO Enterprise console. The customizable code is available on opensso.dev.java.net. See Chapter 13, Password Reset Service, in Sun OpenSSO Enterprise 8.0 Administration Guide and Password Reset in Sun OpenSSO Enterprise 8.0 Administration Reference.