If a user of an OEDQ installation integrated with Active Directory (AD) logs in when their AD password has expired, they are normally presented with a dialog informing them that this is the case.
However, it is possible to create custom messages to inform users that their AD password has expired or is about to expire. To do this, certain values must be added to the login.properties file, which must be created in [Install Path]/config/security.
Note: It is also possible to do this for OEDQ installations integrated with other types of LDAP server. Please contact Oracle Support for further information.
Note: The following variables can be used in the Password messages:
Also, the realm name for each value is specified in the login.properties file in a comma separated list. See Configuring login.properties for further information.
To use the standard Password Expired message, enter the following value in the login.properties file:
[realm name].extra.pwexpired.message = {0}
To enter a custom Password Expired message, with a link to a specific URL for changing the password, use the following code (the message text, formatting and URL are included as examples, and can be edited as required). The HTML formatting is optional:
[realm name].extra.pwexpired.message = <html><font size="+1">Dear <em>{1}</em><p>Your password has expired. Click <a href="[URL]">here</a> to set a new password.</p></font></html>
Use the following code to create a custom Password Expiring message, substituting the correct realm name and message text. Again, the HTML formatting is optional.
Note: If you do not set a Password Expiring message, users will simply see the normal login screen if their password is about to expire.
[realm name].extra.pwexpiring.message = <html><font size="+1">Dear <em>{1}</em><p>Your password will expire {2,choice,0#today|1#tomorrow|1<in {2} days}.<p>Click <a href="[URL]">here</a> to manage your password settings.</p></font></html>
By default, OEDQ inherits the password expiry time from AD, and the warning threshold is set to 7 days. If required, these values can be set in login.properties instead.
To set a custom password expiry time, add the following value:
[realm name].ldap.prof.passwordhandler.passwordage = [Number of days/hours/seconds]
To set a custom warning threshold, add the following value:
[realm name].ldap.prof.passwordhandler.passwordwarning = [Number of days/hours/seconds]
For each value, you can specify a number of days, hours or seconds. For example: