The password reset functionality in Opensso works in a manner that when a user wish to reset his password, he is asked to provide a answer to a security question and than opensso resets his password and send it via email.
What I need to achieve is , for some users OpenSSO should not prompt for security Question and Answer, rather when he tries to reset his password, it is directly send to his email. I have a value in LDAP via which I can identify which user should not be prompted for security question but want to know how to and where to inject this code to achieve this.
Is this task doable? If yes please provide some help to achieve this.