C
christian.bryan@capita.co.uk
Guest
Hi All We are looking to create a password reset option for our PAS application. As part of this we need to allow the user to call various business entities to facilitate this i.e. to lookup OTP's and reset their password essentially unauthenticated. Our PAS is form based authentication so will not allow the above unless you have authenticated a 'catch 22'. What have other folks done? Could you use a 'dummy' account with limited privileges to give access to the password reset BE's only. Do you create an anonymous PAS instead to serve these BE's and other like them. Am i missing a trick? Thanks Christian.
Continue reading...
Continue reading...