5 Replies Latest reply: Apr 8, 2013 11:39 AM by JeromeFr RSS

    DEV_ODI_REPO - Password Security, Connect to Repository developer access

      Question about the Security of the ODI Master and Work Repositories. When logging into ODI Studio in the 'Repository Connection Information' dialog box, there are 2 sections. This first 'Oracle Data Integrator Connection' specifies ODI Application Level Security; the ODI Admin would use SUPERVISOR and would then created ODI Logins for Developers with appropriate privileges to Projects, Topology etc..

      However in the second section for 'Database Connection Information', this is where the DEV_ODI_REPO/[Passwod] (or other ODI Repository Schema) is specified.

      If the Developer needs to know the DEV_ODI_REPO Password in order to create the Repository Connection, then what stops this Developer from using the DEV_ODI_REPO login at the Database Level?

      The Developer can use SQL Developer (Toad etc.) to directly access to the Repository Tables. Isn't this a security breach?