Please help me to get my requirement below:
When a user is forced to change their password, it should not be possible for
them to avoid changing the password by entering the URL directly into the
web browser of the page they wish to visit.
I am using APEX 4.1.1
Edited by: Animesh Tripathi on Jan 15, 2013 11:54 PM
Edited by: Animesh Tripathi on Jan 15, 2013 11:55 PM
You can create On Load Before Header Applicaton Process that will check if user have to change password and redirect him that page (you can use apex_util.redirect_url).
Since the subject of this thread is about preventing tampering of the URL by the end users, you need to study about "Session State Protection":
This blog might be helpful as well: