Can We Configure ESSO-PR To Force A User To Re-authenticate As The User Enroll? (Doc ID 1362779.1)

Last updated on MARCH 02, 2015

Applies to:

Oracle Enterprise Single Sign-On Suite Plus - Version 11.1.1.2.0 to 11.1.1.5.0 [Release 11g]
Information in this document applies to any platform.

Goal

The enrollment process for password reset uses Integrated Windows Authentication (IWA), using the last logged in user for a workstation to know who they are during enrollment. The problem would be, if Person-A leaves their workstation unlocked, a second Person-B could walk up, launch the enrollment URL and re-enroll Person-A without their knowledge. This would allow Person-B to reset Person-A's password. Can you prevent this by requiring a user to re-authenticate as user enroll?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms