password reset plugin

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • N002199B
    New Member
    • Feb 2007
    • 41
    #1

    password reset plugin

    Hie all Java Gurus. Let's ay you have an already existing java application with security and authentication and all... without web-servises or LDAP stuff. just swing and a oracle DB Backen d to store users and passwords un-encrypted<<<str ings>>

    I need to go between the login splash and the first screen to put a module that handles:
    • password period checking - No password shd be more than 10 days old


    How can I manage such a feat
    Tags: None
    • r035198x
      MVP
      • Sep 2006
      • 13225
      #2
      Originally posted by N002199B
      Hie all Java Gurus. Let's ay you have an already existing java application with security and authentication and all... without web-servises or LDAP stuff. just swing and a oracle DB Backen d to store users and passwords un-encrypted<<<str ings>>

      I need to go between the login splash and the first screen to put a module that handles:
      • password period checking - No password shd be more than 10 days old

      How can I manage such a feat
      What extra steps do you want to take if the password has expired?
      An approach would be to check the age of the password everytime a user tries to log on and use a PL/SQL statement trigger before logon. This would mean that nothing is done on the date of expiry of the password.

        Comment

        • N002199B
          New Member
          • Feb 2007
          • 41
          #3
          Originally posted by r035198x
          What extra steps do you want to take if the password has expired?
          An approach would be to check the age of the password everytime a user tries to log on and use a PL/SQL statement trigger before logon. This would mean that nothing is done on the date of expiry of the password.

          Yes, I think we are on the same wavelength. I want to keep an array of five previous passwords. If the password has expired according to the timestamp of the last password change <<< also stored In the USER'S Table on an Oracle DB >>>> compare the new suggested password against these.... It should not be equal to any of these.

          From there, set the new password and record the timestamp (update DB) and allow the program flow to proceed from there as usually wld.

            Comment

            • r035198x
              MVP
              • Sep 2006
              • 13225
              #4
              Originally posted by N002199B
              Yes, I think we are on the same wavelength. I want to keep an array of five previous passwords. If the password has expired according to the timestamp of the last password change <<< also stored In the USER'S Table on an Oracle DB >>>> compare the new suggested password against these.... It should not be equal to any of these.

              From there, set the new password and record the timestamp (update DB) and allow the program flow to proceed from there as usually wld.
              Yep. This can be done on the DB side with a trigger. I'll copy this thread to the Oracle forum.

                Comment

                Previous template Next
                Working...