24.5 Oracle-Provided Password Forms

Access Manager provides several pages for user interactions during credential collection. The location can be customized, depending on the desired topology of the authentication scheme being developed.

The Credential Collectors password pages are described in Table 24-4.

Table 24-4 Credential Collector Password Pages

Credential Collector Description

ECC pages

The default embedded credential collector jsp forms, by default, reside on the OAM Servers.

  • Login page: /pages/login.jsp

  • Logout page: /pages/logout.jsp

  • Error page: /pages/servererror.jsp

  • Multi-step authentication page: /pages/mfa.jsp

DCC pages

Dynamic pages general login/logout and password policy with the DCC are excluded automatically through the OHS httpd.conf/webgate.conf file--you do not need to configure a policy to exclude these. See the Webgate host:

  • $WEBGATE_HOME/webgate/ohs/oamsso/*

  • $WEBGATE_HOME/webgate/ohs/oamsso-bin/*pl (update the Perl location in the first line of the login, logout, and securid scripts)

  • $WEBGATE_HOME/webgate/ohs/oamsso-bin/templates/*

See Also:

For details about customizing pages and messages, see the Oracle Fusion Middleware Developer's Guide for Oracle Access Management.

Table 24-5 shows the password forms provided. The default pages can be customized for your enterprise, or replaced entirely with custom pages. For example, you can design, implement, and deploy a custom page that displays a different version of the login form for a mobile browser than is used for a desktop browser.

Table 24-5 Password Management Forms and Functions

Form Function

Sign In Form

The standard login form provides fields for userID and password. Clicking the Login button initiates authentication processing governed by the configured authentication module.

See: Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details about customizing login forms.

Sign In Error

This standard login form appears when an error occurs. The text in red identifies the errors, which can be suppressed or displayed.

See: Oracle Fusion Middleware Developer's Guide for Oracle Access Management for details about suppressing or displaying.

Password Expiry Notification

The following message appears to inform the user that her password will expire, based on the notification policy.

Change Password Form

Based on password expiration policy configuration, the following window appears to enforce the policy and require user to change his password.

Password Change Success

The following message appears to confirm the password change was successful.

Locked or Disabled User Account

Based on the password policy, user account lockout occurs when supplied credentials fail during the maximum allowed login attempts.