Password Verify

We updated the password verify function on the back end in our database. It was now returning some new errors based on new password rules. So our front-end C++ developers had to trap these errors and display appropriate text.

There was a problem when the C++ applications forced users to change their password when their database accounts had expired. In this scenario they were executing the following Pro*C code.

    /* user, oldpwd and newpwd are host variables, so they take a leading colon */
    EXEC SQL
        CONNECT :user
        IDENTIFIED BY :oldpwd
        AT dbname
        ALTER AUTHORIZATION :newpwd;

This does allow the user to change their password. And the new passwords were going through our password verify function on the server. However, when the passwords did not pass the verify function, Oracle was returning an error of ORA-28003.

Yes. We knew it was failing the password verify function. But the front end needed to know the specific rule that failed. This was not being passed back. I have seen some other code that first manually called the password verify function to get the specific error. However, in this scenario the database account was expired. I did not think we could connect and execute this function.

For now our developer is rewriting the password verify function in C++ to know beforehand whether the back end version will fail. This feels wrong. Any ideas?
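An added example, not code from the original post: one way to recover the failed rule on the client without duplicating the rules in C++. It assumes the verify function reports each rule with raise_application_error (codes 20000 to 20999) and that the front end reads the full message text of the failed CONNECT (for example through sqlglm()) rather than only the error code; RuleFailure, findRuleFailure and the sample text are hypothetical names and constructed data.

```cpp
#include <cstdio>
#include <sstream>
#include <string>

// One application-defined error (ORA-20000..ORA-20999) found in an error stack.
struct RuleFailure {
    int code = 0;        // e.g. 20002
    std::string text;    // message supplied by the verify function
};

// Constructed sample of a full error stack; not output captured from a real system.
const std::string kSample =
    "ORA-28003: password verification for the specified password failed\n"
    "ORA-20002: Password length less than 8\n";

// Split one "ORA-NNNNN: text" line; returns false for any other line.
static bool parseOraLine(const std::string& line, int& code, std::string& text) {
    std::size_t start = line.find("ORA-");
    if (start == std::string::npos) return false;
    std::size_t digits = start + 4;
    std::size_t colon = line.find(':', digits);
    if (colon == std::string::npos || colon == digits || colon - digits > 5) return false;
    code = 0;
    for (std::size_t i = digits; i < colon; ++i) {
        if (line[i] < '0' || line[i] > '9') return false;
        code = code * 10 + (line[i] - '0');
    }
    std::size_t t = line.find_first_not_of(" \t", colon + 1);
    text = (t == std::string::npos) ? "" : line.substr(t);
    while (!text.empty() && (text.back() == '\r' || text.back() == ' ')) text.pop_back();
    return true;
}

// Find the rule failure stacked under ORA-28003. Returns false when the text
// holds only the generic error, as a truncated message buffer would.
bool findRuleFailure(const std::string& fullMessage, RuleFailure& out) {
    std::istringstream in(fullMessage);
    std::string line, text;
    bool sawVerifyFailure = false;
    int code = 0;
    while (std::getline(in, line)) {
        if (!parseOraLine(line, code, text)) continue;
        if (code == 28003) { sawVerifyFailure = true; continue; }
        if (sawVerifyFailure && code >= 20000 && code <= 20999) {
            out.code = code; out.text = text; return true;
        }
    }
    return false;
}
int main() { RuleFailure f; if (findRuleFailure(kSample, f)) std::printf("%d: %s\n", f.code, f.text.c_str()); }
```

The 70-character sqlca.sqlerrm.sqlerrmc field is too short to hold both lines, which is why the sketch assumes the full message text is fetched.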