The UserRoleAuthorizer provider grants logical roles to specific users when their roles cannot be retrieved from the back end by the configured authentication provider. You cannot manually configure this provider.
This provider is part of all security configurations that are created or updated in Management Cockpit. UserRoleAuthorizer simply implements the checkRole method to compare the current user name to the physical role name that is passed in.
Is granted the physical role user:jsmith
Is granted the logical role Notification User
Can perform Notification Push