I am working on reset password functionality + password sync for Oracle 10g/11g and facing issue in AFX.
Crux of the problem is that Oracle 10g/11g does not accept identifiers longer than 30 characters and our OOB reset password encrypts the password. As a result Oracle refuses to alter user.
<Body>
<Request timestamp="2017-07-26T11:13:44.177-04:00" id="1">
<epid>Oracle-DMS-Dev</epid>
<verb name="ResetPassword">
<parameters>
<parameter name="Password">ENCAKAx(KrY9TBZf5z+ePVyhQX+y/9LJvq4q9v2RZVc6ENA8PS23EPNVI0RfLQ==)</parameter>
<parameter name="Account">CUR32495</parameter>
</parameters>
</verb>
<Response timestamp="2017-07-26T11:13:50.045-04:00">
<status>
<code>-1</code>
<brief>java.sql.SQLSyntaxErrorException: ORA-00922: missing or invalid option
</brief>
<detailed>Cause:
java.sql.SQLSyntaxErrorException: ORA-00922: missing or invalid option
The AFX has the verb
ALTER USER ${Account} IDENTIFIED BY ${Password}
Is there a way around using reset functionality without encrypting the password ?
Hi Pradeep,
I don't think the encryption is the issue here. If you've specified the AFX input parameter as being "encrypted" the system will automatically encrypt/decrypt in flight. So even though you see an encrypted value there, that's not necessarily what's being passed to the database.
For troubleshooting, you could flag the input parameter is NOT encrypted (or use a different input parameter).
I would suspect the issue is more in regards to certain special characters that Oracle doesn't like. I believe $ was one of them, but don't recall all of them at the moment.