1. Developing Applications with Oracle Access Management
  2. Appendices
  3. Creating Deployment-Specific Pages
  4. How to Write Deployment-Specific Pages
  5. Change Password Page Parameters

A.2.2 Change Password Page Parameters

27 June: Lakshmi advises: "Is this not same as custom UI pages.. The intention seems to be the same to me." 22Jun2012: Dev advises that this behavior has changed in R2. Awaiting details from dev to update section.

The URL for the change password page must accept the parameters listed in Table A-4.

Note:

In a GIT deployment, when a partner logout flow requires query parameters in the p_done_url, the parameters must be URL encoded such that the Access Manager logout servlet does not interpret them as being Access Manager parameters but elements of the single p_done_url.

Table A-4 Change Password Parameters Submitted to the Page

Parameter Description 
p_username

Contains the user name to be displayed somewhere on the page.

 
p_subscribername

The subscriber nickname when hosting is enabled.

Note: This field is required on the login page.

 
p_error_code

Contains the error code, in the form of a string, if an error occurred in the prior attempt to change the password.

 
p_done_url

Contains the URL of the appropriate page to return to after the password is saved.

 
site2pstoretoken

Contains the site2pstoretoken that is required by the /sso/auth login URL if the password has expired or is about to expire. 

p_pwd_is_exp

Contains the flag value indicating whether the password has expired or is about to expire. The value can be either WARN or FORCE. See Table A-6 for the associated error codes. 

locale

User's language preference (optional). Must be in ISO format. For example, French is fr-fr. For more about this parameter, see "Adding Globalization Support".

The change password page must pass the parameters listed in Table A-5 to the change password URL: 

http://sso_host:sso_port/sso/ChangePwdServlet

Table A-5 Change Password Page Parameters Submitted by the Page

Parameter Description 
p_username

Contains the user name to be displayed somewhere on the page. Should be posted as a hidden field by the change password page. Must be UTF-8 encoded.

 
p_old_password

Contains the user's old password. Must be UTF-8 encoded.

 
p_new_password

Contains the user's new password. Must be UTF-8 encoded.

 
p_new_password_confirm

Contains the confirmation of the user's new password. Must be UTF-8 encoded.

 
p_done_url

Contains the URL of the appropriate page to return to after the password is saved.

 
p_pwd_is_exp

Contains the flag value indicating whether the password has expired or is about to expire. The value can be either WARN or FORCE. See Table A-6 for the associated error codes. 

site2pstoretoken

Contains the redirect URL information for login processing.

 
p_action

Commits changes. The values must be either OK (commit) or CANCEL (ignore). 

p_subscribername

Contains the user name to be displayed somewhere on the page.

 
p_request

Protected URL requested by the user.

 
locale

User's language preference (optional). Must be in ISO format. Example: French is fr-fr.

See "Adding Globalization Support".

The change password page must have at least three password fields: p_old_password, p_new_password, and p_new_password_confirm. The page should submit these fields to the change password URL.

The page should also submit p_done_url as a hidden parameter to the change password URL. In addition, it should display error messages according to the value of p_error_code.