Changing your password in OBIEE 11G

In OBIEE 11g, the users can not change their password unless they have administrative privileges. To provide this functinality there is a workaround of using an API of enterprise manager. To check this API:

Go to enterprise manager link and navigate to System MBean browser > Runtime MBeans > Security > Domain > myRealmDefaultAuthenticator as shown in below screen-shot

In order to use this API, you have to:
1. Write a Java Class calling MBean methods to connect to MBean server
2. Write a method in that Java Class and call this API into that method
3. Convert this Java Class into a web service exposing the above built-method
4. Deploy the web-service to the admin server.
5. Make an Action Link on your OBIEE dashboard calling the above built web-service in that action link.

Jdeveloper can be used to built Java Class. The Java Class code is given below:


package obieeweb;



import java.lang.management.ManagementFactory;
import java.net.InetAddress;
import java.util.Arrays;
import java.util.HashMap;
import javax.jws.WebMethod;
import javax.jws.WebService;
import javax.management.MBeanServer;
import javax.management.ObjectName;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXServiceURL;


public class OBIEEWebServices {
          public String OBIEEWebService(String userId, String oldPassword, String newPassword, String confirmPassword) throws Exception {
     
        MBeanServer mbs = ManagementFactory.getPlatformMBeanServer();
        HashMap env = new HashMap();
     
        final String hostname = InetAddress.getLocalHost().getHostName();
        final int port =  your_port_number;
     
        JMXServiceURL serviceUrl = new JMXServiceURL("service:jmx:rmi://"+hostname+":"+port+"/jndi/rmi://"+hostname+":"+port+"/jmxrmi");
     
        JMXConnectorServer jmxConnector = JMXConnectorServerFactory.newJMXConnectorServer(serviceUrl,env, mbs);

        ObjectName securityMBeanName = new ObjectName("Security:Name=myrealmDefaultAuthenticator");
        Object[] params = new Object[] { userId, oldPassword, newPassword};
        String[] signature = new String[] {"java.lang.String", "java.lang.String", "java.lang.String"};
        if (newPassword.equals(confirmPassword)) {
        try
          {
          mbs.invoke(securityMBeanName, "changeUserPassword", params,signature);
          }
        catch(Exception e)
          {
           return e+"|Error changing Password.";
          }
          return "Password changed successfully.";
        }
        else
        {
            return "Passwords don't match. Try again.";
        }
     }


    public static void main() throws Exception {
        OBIEEWebServices ow = new OBIEEWebServices();
        ow.OBIEEWebService( userId, oldPassword, newPassword, confirmPassword);
}
}

Steps to build a web service, in Jdeveloper:

1. Right click on your Java Class and select Create Web Service

2. Select the deployment platform as per your requirements and click Next:

3. Give the service name and port and click next:

4. Choose the binding method and click next:

5. This screen should give the method that you have written in your Java Class to invoke the API:

Click Next on the other screens and finish building your Web Service.

Once WebService is built, you need to deploy it to Application server:

1. Right Click on Project and select Deploy:

2. Choose Application server. Click on the + button to add a new server:

3. Give the connection name :

4. Give username and password:

5. Give the configuration details:

6. Click test Connections and deploy.

Once the web service is deployed , you should be able to check it in Admin server under deployments.

Now, we have to create a dashboard and add a new action link:

Create a dashboard and drag a new action link. select Invoke Web Service:

Give the web Service URL and Select the webservice. It will open the arguments screen. The number of arguements will be the same as the method you have used in your Java Class to invoke the API:

Note that in first arguement for User Id, we have selected a Session variable USER and made it hidden so that its not prompted and its value is automatically assigned to the User which has signed in.

The dashboard looks like: