Focal Point
Password Rules

This topic can be found at:
https://forums.informationbuilders.com/eve/forums/a/tpc/f/7971057331/m/2511067331

May 29, 2003, 10:42 PM
<Melinda Nevotti>
Password Rules
Is there a way to implement some Password rules in the WebFOCUS UAS/AR (MRE) environment such as the following:

1) Passwords must be at least X characters in length.
2) When a user receives a new ID and password, they are required to change the password the first time they log in.
3) Passwords must be changed every X number of days.
4) If a user attempts access using an incorrect password the ID must be automatically disconnected after X failed attempts.

Has anyone implemented similar password standards within their WebFOCUS environment? Is there something like Security exits that could be used for something like this?
May 30, 2003, 06:18 PM
Susan Trommer
No our Managed Reporting User Administration does not have any password setting specific features. There are security exits available for use with WebFOCUS for you to integrate with your existing security system. The exits are documented in the WebFOCUS Security and Administration Guide. You can obtain a copy for the release of WebFOCUS you are utilizing from our documentation services site accessible from the tech support site.
Select the 'Search for Documentation' from the 'Publications' horizontal menu.
May 31, 2003, 04:47 PM
<Melinda Nevotti>
I will take a look the WebFOCUS Security and Administration Guide off the website. Thanks for your help in pointing me in the right direction. I appreciate it.
Smiler
June 02, 2006, 09:47 AM
Aaron M. Reiff
Good morning! Sorry to re-open this discussion, but what are your thoughts on customizing the password set/change html page javascript to validate for a minimum (or maximum) number of characters? How, if at all, will this affect warranties and licensing agreements? Thanks!

Aron


Aaron M Reiff
Prod - WebFocus 7.66
Prod - ReportCaster 5
Win Server 2K/ISAPI/MSSQL Server 2K
--------------------
Test - WebFocus 7.66
Win Server 2003/TomCat/MSSQL Server 2K
--------------------
Dev - WebFocus 7.66
Win Server 2003/TomCat/MSSQL Server 2K
June 02, 2006, 10:03 AM
Tony A
Aaron,

Customising the BID login page WORP_Login.jsp is a must when using external authorisation and authentication. If you search on the Tech Support site you will find details and suggestions on how to achieve this when using one login for both Client and Reporting servers. Therefore, as it is accepted that the need is there, the subject of licensing shouldn't arise. However, if the customisation is of your own design there will only be a certain amount that Tech Support can/will do.

If you do change any of the .jsp files under the webapps/webfocus71 deirectory then do not forget to either rebuild the .jar file or set your application server to use the expanded directory, and then reload the web app.

One important piece of advise though is to ensure you back-up the original so that you can restore should you have problems.

T


In FOCUS
since 1986		WebFOCUS Server 8.2.01M, thru 8.2.07 on Windows Svr 2008 R2  
WebFOCUS App Studio 8.2.06 standalone on Windows 10