The User Application provides password self-service for users who have forgotten their passwords. This service enables
Prompting for challenge responses
Displaying a password hint
Allowing a password change
The forgotten password service is available by default to users inside your corporate firewall through the deployed User Application WAR.
You can also set up a separate forgotten-password management WAR, IDMPwdMgt.WAR, and deploy it on a system inside your corporate firewall or external to the firewall. Deploying this WAR outside the firewall can provide an additional layer of security while providing forgotten-password self-service to remote users. The forgotten-password WAR is also called the external password WAR. To set up the external password WAR, see Table 2-4.
IDMPwdMgt.WAR contains only forgotten-password self-service software and the default User Application theme.
Table 2-4 Steps for Enabling an External Password WAR
Install the User Application. During the installation, you are asked to specify User Application configuration parameters. Specify the following to enable the external password WAR:
You can also update the configuration after installation with the configupdate tool.
When you specify IDMPwdMgt.WAR in the install directory that you specify., the install program generates and installs
For http://localhost:8080/ExternalPwd/jsps/pwdmgt/ForgotPassword.jsf. The install program renames IDMPwdMgt.WAR based on the location you specify., specify the location for the external password WAR. Include the application server host and its secure port, for example
For https://idmhost:sslport/idm., supply the path that the external password WAR uses to call back the User Application, (it uses a Web Service), for example
If you want to change the link locations, you can do so in thetab.
Deploy the external password WAR to an application server.
Before you deploy the external password WAR to an application server, ensure that the application server is configured to support SSL. See Section 2.2.3, Enabling SSL. In addition:
Do you want to customize the theme for the external password WAR?
For more information, see Customizing the Theme for External Password WAR.
The external password WAR location is saved to the
The return location is saved to the
The return location is saved to the userAppURL property in External WAR/WEB-INF/faces-managed-beans.xml, for example
Users can go to thepage in the external password WAR directly from a browser like this:
When accessed directly, the external password WAR checks the WEB-INF\faces-managed-beans.xml for this entry:
The external password WAR uses the userAppURL entry to call the Web Service that handles the forgot password functionality in the User Application WAR.
Users can access thepage by clicking the link in the User Application’s page. The User Application redirects the user to the external password WAR based on the value specified for the . The external password WAR uses the value to call back to the User Application.