SAP Mobile Platform uses a role mapper to map logical and physical roles
during an access control check.
This
allows developers to create applications that incorporate a logical access control policy.
When the application is deployed, a security administrator can work with the developer to
understand what the logical roles in the application were intended to do and map these
logical roles to physical roles that exist in the real security system. Role mappings
performed at the package level override the mappings set at the global level. Package-level
role mappings apply to all packages that use the same security configuration, even if the
package is deployed in multiple domains. You can set the mapping state either when managing
roles, or
after
package deployment.
Prerequisites
Unwired
Platform cannot query all enterprise security servers directly; to perform
authentication successfully, know the physical roles that are required.
Procedure
- For package-specific role mapping, select and deploy an
available package. Follow the wizard prompts until you reach the Configure Role
Mapping page for the target package.
- Select a logical role and select one of the following in the adjacent list:
| State |
Description |
|---|
| AUTO |
To map the logical role to a physical role of the same
name. |
| NONE |
To disable the logical role, which means that the logical role is
not authorized. |
| MAP |
To manually map the logical role when the physical and logical role
names do not match. See Mapping a Physical Role
Manually. |
- Click Next.
The Server Connection page appears.
Results
Deployment-time role mapping is done at the package level. Once the
package is deployed, you can change the role mapping by going to the Role Mapping tab
for the desired package.
