SSO Login Password Reset

Users can request a password reset of their SSO account and change the password by using the link provided to them through their email account.

NOTE: The SSO login page must be configured by System Administrators to have a link to the Forgot Password screen. See the section for System Administrators at the end of this topic.

NOTE: Users can leave the User ID and Password fields blank when clicking on the ‘Having trouble logging in?’ link. The values input into these fields are not used in the password reset process.

When users click on the link ‘Having trouble logging in?’, a password reset screen opens where they must enter a valid Email Address which is associated with the registered user in the system and click on the [Reset Password] button.

The Email Address field is mandatory and must be entered exactly as it is defined on the user’s profile in CMiC for the password reset request to be successfully processed.

 

Once successfully submitted, a message “Reset Password information has been e-mailed to...” will appear on the screen. Users may open their email using their email client and find the email with Subject Line as “Your CMiC Account” which has their user name and the link to reset their password in the body.

It is important to note that the link will be active only for an hour. If users do not use the link within an hour, the link will expire and will not allow users to change their password. Users will have to re-send a new request. If no action is taken on the reset link, and users prefer to leave their account as is, then the previous password will still be active and may be used to login as before.

Clicking on the link provided in the email will launch the screen to change your password. Enter the User ID and New Password and click on [Change Password] button.

NOTE: The User ID is the User Name provided in the email.

The following is for System Administrators Only:

  1. Access the location, d:\oracle\infra1014\j2ee\OC4J_SECURITY\applications\sso\web\pages on the infrastructure server.

  2. Copy the new login.jsp page from the files list of this issue, to the folder in step 1. (Backing up the existing version of the file is highly recommended and may be used to rollback when needed. See the footnote at the end).

  3. Open login.jsp in a text editor.

  4. Enter the full path to SdMenu of your CMIC system as described below. (In this example, CMiC's internal test system URL is shown. Clients must use a URL specific to their system.)

  5. The String fullURLtoSdMenu = ""; must be changed to read as fullURLtoSdMenu = "http://testv12.cmic.ca:8888/cmictest12c/SdMenu/";

Once the update to login.jsp file is performed, whenever users reach the SSO login page, they will have an option for resetting their password.

NOTE: If clients do not wish to give this option to their users to reset their SSO password, then the above steps should be ignored and no changes should be made to the existing login.jsp file.
If clients wish to roll back this option, then the login.jsp file must be rolled back with the previous version.