E1: BSFN: Business Function API ValidateXMLUser Does Not Validate a Password Successfully If the Password is About to Expire Within Next Five Days or Less (Doc ID 2749434.1)

Last updated on AUGUST 31, 2021

Applies to:

Symptoms

A custom business function which is designed to validate a user's credentials using a business function API (Application Programming Interface) "ValidateXMLUser" is not working successfully if the password that is passed is about to expire. The API "ValidateXMLUser" returns 1 for a successful validation of password and returns 0 if password is incorrect. The API works successfully under normal conditions. However, if user's password is about to expire within the next five days or less, the API ValidateXMLUser does not return 1 (successful validation) even though the password that is passed to this API is correct and not yet expired. 

Although the issue is observed in custom business function, it may be replicated using Scheduler application's W91300I form which uses a standard business function ValidateUserPassword which in turn calls this API "ValidateXMLUser". Follow below steps:

1. Login to a Fat Client (Windows Development Client).
2. Open P91300:-Work With Scheduled Jobs from fast path
3. Click Add and try to schedule R0006P Version XJDE0001(Or any other report and version) 
4. You should get a warning to Specify System user password. Take Advanced Form Exit to open W91300I form and enter the User ID and Password  through which you logged in to fat client.
5. Ensure that you get an error if you enter wrong password and that you do not get any error if you enter correct password. This shows that API is working fine. 
6. Repeat above steps  1- 4 again but with a user id whose password is about to expire within next 5 days or less. You may adjust "password change frequency" in P98owsec to create this situation for a dummy user. Notice that you will get an error "Invalid password" even if password entered is correct. This indicates that API does not validate a password successfully if it is about to expire, even though the password has not expired yet.

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.