全部博文(41)
分类: Oracle
2009-03-27 15:23:56
| Subject: | "Signon Password Failure Limit" Profile Option Does Not End Date User in FNDSCAUS Form | |||
| : | 332577.1 | Type: | PROBLEM | |
| Modified Date : | 28-OCT-2008 | Status: | PUBLISHED | |
In this Document
| This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process, and therefore has not been subject to an independent technical review. |
Users can continue to attempt to login continually even if the
"Signon Password Failure Limit" profile option is set. The end date for
the user does not become end dated and there is no indication in the
Users form (FNDSCAUS.fmb) that the user account is locked.
Run this SQL to verify if the user is locked:
SELECT DECODE (encrypted_user_password
, 'INVALID', 'Account locked'
, 'Account not locked')
FROM fnd_user
WHERE user_name = '&username';
If the encrypted_user_password is invalid then the user the account is locked.
Steps to reproduce:
Create a user, assign a password, assign responsibilities.
Set the Signon Password Failure
Limit profile option e.g. 5.
Login to applications as the user and follow the prompts for resetting the password.
Login again
using an incorrect password and receive the following error message:
"Login failed. Please verify your login information or contact the system administator."
Continue attempting to login using an incorrect password for 5 times.
The error still appears and the FNDSCAUS form shows that user is not end dated.
The user can still login using the correct password.
The code has changed since ATG PF CU2 (patch 4125550.) The end date
is no longer populated when a user account is locked. This caused a
problem that the FND User form FNDSCAUS.fmb gives no indication of
whether the user account is locked.
Development
are going to update FNDSCAUS.fmb to show with a user account is locked or not. Reference:
"11.5.10 CU 2 - NO WAY OF KNOWING AN ACCOUNT IS LOCKED"
Please use either of these workarounds until a fix is released.
Workaround 1:
Manually run the following SQL to determine if the account is locked.
SELECT DECODE (encrypted_user_password
, 'INVALID', 'Account locked'
, 'Account not locked')
FROM fnd_user
WHERE user_name = '&username';
Workaround 2:
Use the
Form Personalization feature. This can be used to highlight that the
account is locked based upon the user which is displayed in the form.
In this case, please perform the following steps:
1. Open the
Users form
2. Menu Help -> Diagnostics -> Custom Code -> Personalize
3. Create 2 rules:
a) Rule 1:
Seq 10
Desciption : Default
Level : Function
Condition :
Trigger Event : WHEN-NEW-RECORD-INSTANCE
Trigger Object : User
Actions
Seq 10
Type : Property
Object Type : Item
Target Object USER.USER_NAME
Property Name : PROMPT_TEXT
Value : User Name
b) Rule 2:
Seq 20
Desciption : Locked account
Level : Function
Condition :
Trigger Event : WHEN-NEW-RECORD-INSTANCE
Trigger Object : User
Condition : :USER.ENCRYPTED_FOUNDATION_PASSWORD = 'INVALID'
Actions
Seq 10
Type : Property
Object Type : Item
Target Object USER.USER_NAME
Property Name : PROMPT_TEXT
Value : User Name (locked)
The second rule will ensure that the form displays 'User Name (locked)' if you query a user which is locked. All other users will have the default 'User Name' prompt.
虽然说得是另外一个问题,但是这里提到了这个字段,保存下来,省得忘记了,老了.......
