Here in this post,I am decoding all the facts about Guest User password in 11i/R12
What is Guest User Password
- Guest user password is very important for the functioning of Application SSWA.
- Self service login used this password to verify the user password. Self service will not come upif this password is incorrect.Direct form login will still work if the password is incorrect
- It is a application user not a Database user while APPLSYSPUB is a database user. So Guest user information is stored in FND_USERS table
- 11i/R12 never use this for login …this is used to obtain apps info
- It should be consistent on both the places,otherwise application will not work.
- FNDCPASS also make use of this password for changing the password.
- Guest user password cannot be changed through FNDCPASS. Most appropriate way to change it through Autoconfig which is explained below
- It should never be end dated.
All the guest user and password manipulation is done through FND_WEB_SEC package stored in apps schema
ATG RUP 6 introduces new hash password scheme for application password.
It is stored in following places
$FND_TOP/secure/ or $FND_SECURE R11i and R12 release also GUEST_USER_PWD oracle apps profile option R12.1 Release and Above Oracle Vault
Following command could be use to check it correctness
select apps.fnd_web_sec.validate_login('GUEST','<password>') FROM DUAL
Following query could be use to obtain the guest user password
R11i and R12 release also SELECT upper(fnd_profile.value('GUEST_USER_PWD')) FROM dual; R12.1 Release and Above select fnd_vault.get('FND', 'GUEST_USER_PWD') from dual; or select FND_WEB_SEC. GET_GUEST_USERNAME_PWD from dual;
Following are some of the queries which are very useful
create or replace function test(key in varchar2,value in varchar2) return varchar2 as language java name 'oracle.apps.fnd.security.WebSessionManagerProc.decrypt(java.lang.String,java.lang.String) return java.lang.String';
Query this to the find apps schema password from the Guest user
SELECT(
SELECT
test(
UPPER((SELECT upper(fnd_profile.value('GUEST_USER_PWD')) FROM dual))
,a.encrypted_foundation_password)
FROM dual
) AS apps_password
FROM
fnd_user a
WHERE
usertable.user_name LIKE upper(
(SELECT
substr(fnd_profile.value('GUEST_USER_PWD'),1,instr(fnd_profile.value('GUEST_USER_PWD'),'/')-1)
FROM dual)
)
How to change the Guest User Password
The only supported way to change the Guest user password is to update the context variable s_guest_pass and run AutoConfig, which runs the AdminAppServer utility internally.
- As the “applmgr” Unix user make sure the appropriate environment files are sourced.
- Use the AutoConfig editor to change the context value for the guest password Ensure the Guest password is entirely uppercase
AutoConfig variable name is “s_guest_pass” - Run AutoConfig.
- Verify the new guest password as follows:
select fnd_web_sec.validate_login(‘GUEST’,”) from dual;
this script should return ‘Y’ - Change the guest password used for diagnostics
a. Login to applications as SYSADMIN user and choose “CRM HTML Administration” responsibility. (If you don’t see this responsibility, it may be end dated for SYSADMIN user.)
b. Then follow this path and correct the GUEST password.
Settings : System : Properties
Self Service User
Settings
System
Properties > Advanced
Choose JTF from the "View" LOV.
Look for guest_password and correct it
- Stop / Start Apache.
How to change Guest user password from Backend
GUEST USER PASSWORD CHANGE
set serveroutput on
declare
l_result varchar2(30000);
userid number;
BEGIN
l_result := fnd_web_sec.CHANGE_GUEST_PASSWORD('GUEST','<appspassword>');
dbms_output.put_line( 'Result = ' || l_result );
if l_result = 'N'
then
l_result := fnd_message.get();
dbms_output.put_line( 'Error stack = ' || l_result );
end if;
END;
How to troubleshoot issues with Guest user password
First check the password using the sql
select fnd_web_sec.validate_login('GUEST','ORACLE') from dual;
FND_WEB_SEC.VALIDATE_LOGIN('GUEST','ORACLE')
------------------------------------------------------------------------
N
If the output is N, we need to check for the error
select fnd_message.get from dual;
If the error is
javax.servlet.ServletException: java.lang.RuntimeException: Guest user/pwd does not exist or match: GUEST/ORACLE
Please follow the instruction given above to change the Guest user password.
Now run the check again
If the error is ORA-29548 errors, then issue with OJVM, please check what changes have been done and take action accordingly
Related Articles
adop (AD online patching ) command line for R12.2 : Check out 31 Useful adop (AD online patching ) command line for R12.2. how to abort, apply,prepare, NLS patches, hrglobal patches in R12.2
Query to find Patch applied in Oracle apps : This articles gives various queries to Patch applied in Oracle apps to check the prerequisite and bugs in the Oracle apps environment
oracle apps queries for DBA : This page contains the very useful and practical Top 30 Useful oracle apps queries for APPS DBA to help in day to day administration activities
oracle ebs failed login attempts : check oracle EBS failed login attempts, How to enable signon auditing , Auditing reports in EBS,how to purge signon audit data,oracle EBS user login history
log file location in oracle apps r12 : Check out this post for the common log files location for 11i, R12.0,R12.1 and R12.2. Both the database and application tier log files are given
ADMRGPCH :Learn about AD Utilities(adadmin, adrelink ,adident,ADMRGPCH),How to run them, How to maintain application files using adadmin
FNDLOAD : FNDLOAD command / loader is a general-purpose utility that moves structured data between a text file and a database in EBS environment.
