Different security providers give Unwired Server security features that include authentication, and authorization capabilities.
Configure security providers for Unwired Server by logging in to the server in Sybase Control Center and clicking . Configuring these providers writes changes to the Unwired Server configuration properties file.
For third-party providers, save related JAR files or DLLs in the <UnwiredPlatform_InstallDir>\UnwiredPlatform\Servers\UnwiredServer\lib\ext folder.
- Authentication modules – verify the identity of a user accessing a network with the mobile application, typically via a login form or some other login or validation mechanism. Authentication in Unwired Server is distinct from authorization. You must have at least one authentication module configured in a production deployment of Unwired Server. You can stack multiple providers so users are authenticated in a particular sequence.
- Authorization modules – check the access privileges for an authenticated identity. Sybase recommends that you have at least one authorization module configured in a production deployment of Unwired Server.
- Auditing modules – report all audit events to allow you to evaluate the security system implementation for Unwired Server. Auditing provides you a record of all the security decisions that have been made. Each successful authentication creates a session key that shows up in subsequent security checks for that user. Unsuccessful authentications are also logged. Each authorization records what roles were checked, or what resource was accessed. Audit filters determine what events get recorded, the audit format determines what the audit records look like, and the audit destination specifies where audit records are sent.
Use the audit trail to identify who did what and when, with respect to objects secured by your providers.
Auditing modules are optional.
In most cases, each security module requires a unique set of configuration properties. However, there are some cases when modules require a common set of properties, and these properties are configured once for each module on a tab created for that purpose.
You can configure different security providers for administrator authenticaton and device user authentication. For more information on configuring security providers depending on the type of user, see either Enabling Authentication and RBAC for User Logins or Enabling Authentication and RBAC for Administrator Logins in the Security guide.