Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Password validation function

Former Member
0 Kudos

Hi

Is there any way to validate if a specific string is SAP password compliance?

Here is the scenario.

A variable as string format needs to be validated as SAP password compliance.

If the string is not password compliant, the function should return why it is not.

Example:

     String value: "Alabama1

     The string is not password compliant because the " character is not valid into a password.

     String value: 12345678

     The string is not password compliant because of a missing capital letter.

So, I need the password validation call/routine to call with passing the string and have in return if the string is valid as password.

Any suggestion will be highly appreciated.

Regards

Daniel

7 REPLIES 7

Former Member
0 Kudos

I think there is a table that has some of the general rules. You can look for that.

But one of the rules is that the new password can't be the same as any of the previous three (I think). So to do this, you would ahve to know and decrypt the three previous ones - which I am pretty sure you cannot do.

Rob

0 Kudos

Hello Rob

Thank you for your feedback.

The fact is I just need the process that is validating the string before this one is encrypted.

Like:

At least one uppercase letter

At least one lowercase letter

At least one digit

etc.

Those validation are already done when a user is changing his password. I just want to avoid to rewrite something that is already existing and those validation are done before the string is encrypted.

So, I just need the string validation before the string is encrypted and saved into UR02 table.

Regards

Daniel.

0 Kudos

Table USR40 - Table for illegal passwords

Why don't debug what happens when you change your password, and do it incorrectly?

Rob

0 Kudos

Hello Rob

I was aware of the usr40 table but it contains only words that is prohibited to use.

I did pass through the debugging mode. The only think I found is the "CALL 'PASSWORD'" where I didn't find any documentation so far on the parameters to use.

The "CALL" return all the error that can be found in the password but the example I have is to change the password. I do not want to change the user password, I just want to validate of a string is password complient. So passing the string to the function, this one should return the proper error when the string is not password complient but return 0 when the string is password complient.

Regards

Daniel

0 Kudos

I believe it's done by the SAP kernel (CALL 'PASSWORD') and you don't have access to it.

Rob

0 Kudos

Additionally FM RSEC_GENERATE_PASSWORD generates valid passwords. You might have a look at what it's doing. There's other information on the web as well.

Rob

0 Kudos

I found the function I need.

PASSWORD_FORMAL_CHECK

Thanks for help.

Regards

Daniel