E1: SEC: User can Login with Blank Password When No Password Policy is Set
Last updated on MAY 30, 2017
Applies to:JD Edwards EnterpriseOne Tools - Version 9.1 and later
Information in this document applies to any platform.
A User was able to login to the web client with no password, upon reviewing JAS Logs it indicate that Password had expired as visible below:
Once the password has expired, when you log into the web client, it offers an HTML page to enter a new password. This change password screen does not contain the same base restraints as the P98OWSEC application.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms