By default, ODI authenticates users as well as user privileges against the security information stored in the ODI master repository. Beginning with the ODI 11.1.1.3 release, ODI can utilize OPSS to authenticate users against a variety of identity stores. This architecture allows ODI users to be authenticated outside of ODI, however ODI's internal security still provides the user's authorization to the ODI objects. ODI users and their privileges must be created in ODI's internal security. The ODI users are mapped to the identity store and, during authentication, the ODI user is authenticated against the identity store, and once authenticated, ODI's internal security provides the authorization of the user to ODI objects.
OPSS works with a variety of identity stores; more information on OPSS can be found here at http://docs.oracle.com/cd/E23943_01/core.1111/e10043/underjps.htm#CIHFHJCC.
This recipe will utilize the LDAP Server, which is embedded...