Show TOC

Mapping Roles for a PackageLocate this document in the navigation structure

SAP Mobile Platform uses a role mapper to map logical and physical roles during an access control check. This allows developers to create applications that incorporate a logical access control policy. When the application is deployed, a security administrator can work with the developer to understand what the logical roles in the application were intended to do and map these logical roles to physical roles that exist in the real security system. Role mappings performed at the package level override the mappings set at the global level. Package-level role mappings apply to all packages that use the same security configuration, even if the package is deployed in multiple domains. You can set the mapping state either when managing roles, or after package deployment.


Unwired Platform cannot query all enterprise security servers directly; to perform authentication successfully, know the physical roles that are required.


  1. For package-specific role mapping, select and deploy an available package. Follow the wizard prompts until you reach the Configure Role Mapping page for the target package.
  2. Select a logical role and select one of the following in the adjacent list:
    State Description
    AUTO To map the logical role to a physical role of the same name.
    NONE To disable the logical role, which means that the logical role is not authorized.
    MAP To manually map the logical role when the physical and logical role names do not match. See Mapping a Physical Role Manually.
  3. Click Next.
    The Server Connection page appears.


Deployment-time role mapping is done at the package level. Once the package is deployed, you can change the role mapping by going to the Role Mapping tab for the desired package.