IY99194: SSUI CHANGE THE CODE TO EXTEND SELF-CARE FOR DIRECT EXPIRED PASSWORD ENTRY.
Closed as program error.
================================================= Title: Apar to extend self-care for direct expired password entry. Problem description: Customer would like to use TAM for authorization and TIM for all pwd mgmt changes (including challenge response functionality) User authenticates to TAM and their TAM password has expired (either at 1st login .. or after normal pw expiration period): Customer would like to forward request over to TIM and have TIM prompt for expired password. (rather than changing pw in TAM) Currently: TAM can be setup to foward to TIM...but will only forward t un-secure junction. Currently the user would have to login to TIM and then go to change password Would like for us to provide a URL in SSUI where the UID would be passed in...and we would directly bring up the expired password panel. They would be required to enter old and new password. Only concern here is that this URL would give hackers a method to determine if they guessed the correct UID. (not a concern for the customer scenario in their network security however...thus this URL might need to be a property an off by default.) In the case of 1st time login...they want to be able to enter the challenge response questions too. Customer Recreate: Yes. Desired behavior: ITIM self-service direct password entry URL provided. This feature is unavailable when TIM is configured for SSO.
Customers using Self Service UI. After this APAR is installed, you will need to edit the SelfServiceUI.properties file to expose the direct entry url of: http://itimhost/itim/self/Login/DirectExpiredPasswordChange.do?e xpiredUserId=ffred Set the following property to TRUE ui.directExpiredChangePasswordEnabled=true
This fix for this APAR is contained in the following maintenance packages: | fix pack | 4.6.0-TIV-TIM-FP0048
Reported component name
IBM TIV ID MGR
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
IBM TIV ID MGR
Fixed component ID
Applicable component levels