SAP Mobile Platform uses a role mapper to map logical and physical roles during an access control check. This allows developers to create applications that incorporate a logical access control policy. When the application is deployed, a security administrator can work with the developer to understand what the logical roles in the application were intended to do and map these logical roles to physical roles that exist in the real security system. Role mappings performed at the package level override the mappings set at the global level. Package-level role mappings apply to all packages that use the same security configuration, even if the package is deployed in multiple domains. You can set the mapping state either when managing roles, or after package deployment.
|AUTO||To map the logical role to a physical role of the same name.|
|NONE||To disable the logical role, which means that the logical role is not authorized.|
|MAP||To manually map the logical role when the physical and logical role names do not match. See Mapping a Physical Role Manually.|