In this post I have implemented a work around of OIM customization message. I have achieve requirement of user see message that only 3 out of 5 correct answer will let them reset their password( on my different post I have mentioned on how to set property that will allow 3 correct answers out of 5 in order to reset the password). you can have any number of correct answer configured as per your requirement.
This functionality could have been achieved by only customization the message at password reset page but once I change the message I got access denied error. this post is work around of that error.
1. Login to identity screen.
2.
http://servername:port/identity/
3. Create sandbox
4. at Popup window enter sandbox name
5. Sandbox name password_msg.
6. Save and close the popup.
7. Open another tab and enter url as show below
a.
http://servername:port/identity/faces/forgotpassword
8. Enter username as test and click next
9. go to the first Tab(identity tab) Click on Customize.
10. Click on View at the left side corner and select Source.
11. It will show 2 screens at the same page
12. Go to the first tab(forgotpassword) and click refresh.
13. Click on the message "Answer the challenge questions below with the answers you set during registration."
14. Click Edit(it will open and popup now close this popup).
15. Click Close (on right corner to close the customization mod)
16. Come to the first tab(identity) and click on Close again(close customization).
17. Deactivate SandBox and Export Sandbox.
18. Exported sandbox will be on your local computer download folder.
19. Unzip the sand box and go to \oracle\iam\ui\unauthenticated\forgotpassword\pages\mdssys\cust\site\site\
20. Open ansChallengeQue.jsff.xml in textEditor or notepad.
21. Change
<mds:attribute name="value" value="Answer the challenge questions below with the answers you set during registration"/>
With
<mds:attribute name="value" value="Answer the challenge questions below with the answers you set during registration, only 3 correct answers will let you change the password"/>
22. Save and zip this folder to the same name password_msg
23. Login to Identity console again(if it was logged off)
24. Go to Manage Sandboxes.
25. Click on the arrows >> and you will see Import Sandboxe. Click on Import Sandboxe.
26. After successful import Publish sandbox.
Testing
Logoff from Identity console.
At the login page enter username test and click on the Forgot password Link.
Enter username test again and click Next.
At the next screen you will see the New Message (Answer the challenge questions below with the answers you set during registration, only 3 correct answers will let you change the password).