Previous Topic: Add a Change Password Link to the Password Services ServletNext Topic: Remove the Login ID When Redirecting for Password Services


Allow Specific Users to Change Their Passwords in Servlet

If you want to allow only certain users to change their own passwords, complete the following procedure.

Follow these steps:

  1. Modify the permissions for the PWLogin.jsp file:
    1. Navigate to the following location:

      web_agent_installation_dir/pwservlet/default

      Where web_agent_installation_dir is the installed location of the Web Agent.

    2. In File, Properties, deselect the read-only attribute.
  2. Edit the text in the PWLogin.jsp file:
    1. Open PWLogin.jsp in a text editor.
    2. Add the following line:
      <p align="center"><font size="1">
      <a href="/siteminderagent/pwservlet/
      PSWDChangeServlet?SMAUTHREASON=34&TARGET
      =<%TARGET%>&SMAGENTNAME=<%=agentname%>">Change Password</font></a>
      
    3. Save the file.
  3. Access the Administrative UI.
  4. Create an Authentication Scheme with the following settings:
  5. Optionally, create a policy domain.

    Include the user directory that contains the users that are allowed to change their own passwords in your policy domain.

    If you do not create a policy domain, select an existing policy domain.

  6. Create a realm that specifies the directory that you are protecting. In the Authentication Scheme list box, select the authentication scheme that you created in step 4.
  7. Create a rule under the realm that specifies the resources that you are protecting.

    If your rule specifies all of the resources (*) in the protected directory, then separate rules for localized Password Services are not required.

  8. Create a policy that binds the rule you created and the users/groups who are allowed to change their passwords.

More information:

Localize Servlet-based Password Services

Password Self-Changes

When users want to change their passwords they must:

  1. Click Change Password.

    The Administrative UI displays the Password Change Request form.

  2. Enter the requested information, then click the Change Password button.

    The Administrative UI displays another Password Change Information page, indicating that the user’s password has been changed.