Showing results for 
Search instead for 
Did you mean: 

Change Password restriction

Former Member
0 Kudos

Hi All,

I would like to a list of forbidden passwords in the portal.

Because I think that this is not possible out of the box, I did some custom development.

First I located the class where the check is done: I changed the object in such a way that is read the forbidden passwords from a xml file and then compares the new password with the forbidden password list. So far so good.

Now I have 2problems:

- How can I deploy this in a clean way? This class is a standaard part of the J2EE engine, how can I overrule the original one with mine ... .

- I already tried it the dirty way: replacing the org class file in the directory \usr\sap\EPD\JC00\j2ee\cluster\server0\apps\\\servlet_jsp\logon\root\WEB-INF\classes\com\sap\security\core\sapmimp\logon

But this does not seem to be enough for letting the portal use the new class.

Can anyone help me with this deployment issue or can any-one tell me another way to check for forbidden passwords.



Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
0 Kudos


I assume you know what you are doing (it might be broken with any J2EE upgrade, SAP will not be to happy about support etc.)

In EP6 SP2 at least you need to replace the class file for SAPMLogonLogic in the jar file


do this using the jar tool provide by sun for java (and remeber that the path must be the same as the package).



Former Member
0 Kudos

I prefer not to change anything inside the original SAP file ... .

There is no other way to do the illegal passwords check?

Active Participant
0 Kudos

If you use a ABAP data suorce the password policies can be set there and the portal will respect them.