UserRoleAuthorizer Provider

The UserRoleAuthorizer provider grants logical roles to specific users when their roles cannot be retrieved from the back end by the configured authentication provider. You cannot manually configure this provider.

This provider is part of all security configurations that are created or updated in Management Cockpit. UserRoleAuthorizer simply implements the checkRole method to compare the current user name to the physical role name that is passed in.

UserRoleAuthorizer allows role checks for the role user:<userName> to succeed. For example, if this authorization provider is enabled, an administrator can grant the Notification User role o user:jsmith. A user who is authenticated as jsmith:
  • Is granted the physical role user:jsmith

  • Is granted the logical role Notification User

  • Can perform Notification Push