Writing a Custom Forgotten Password Handler

You can modify the functionality of the Forgotten Password Handler in two ways:

The Forgotten Password Handler defines an API-specific method, getQuestions(), that creates a Vector of verification questions. The questions and answers are passed to a method for presentation to the user. The getQuestions() method is called by the handler’s init() method. Its input is a hashtable of values configured by an administrator through the Forgotten Password task.

Note: For more information about how the Forgotten Password task is configured, see the Configuration Guide.

For example, you may have a setup where your questions and answers are stored in a database and you do not want to update a CA Identity Manager property file every time the database is updated. You could extend the ForgottenPasswordHandler class and implement the getQuestions() method to fetch the questions from the database on the next initialization of your handler.

Another possibility for extending this class is to override the encrypt() and decrypt() methods. The init() method gets the encryption key if one has been configured. By default, no key is provided. The encrypt() method is called from the toPhysical() method to convert the names and addresses before they are written out to the user store. The decrypt() method is called by the toLogical() method to convert these values when they are read from the user store. You can implement the encrypt() and decrypt() methods to perform any encryption that is appropriate for your installation.

Note: When using the "Separate Attributes" schema for questions and answers, a separate attribute is required to enable control data. The correct exception is displayed when you execute Forgotten Password.