Security Configurations

Sybase Unwired Platform does not provide proprietary security systems for storing and maintaining users and access control rules, but delegates these functions to the enterprise’s existing security solutions.

A security configuration determines the scope of user identity, performs authentication and authorization checks, and can be assigned multiple levels (domain or package). Applications inherit a security configuration when the administrator assigns the application to a domain via a connection template.

Users can be authenticated differently, depending on which security configuration is used. For example, a user identified as "John" may be authenticated different ways, depending on the named security configuration protecting the resource he is accessing: it could be an MBO package, a DCN request, use of Sybase Control Center .

The anonymous security configuration provides unauthenticated user access, and are targeted to applications that do not require tight security.

Security configurations aggregate various security mechanisms for protecting Unwired Platform resources under a specific name, which administrators can then assign. Each security configuration consists of:

A set of configured security providers. Security provider plug-ins for many common security solutions are included with the Sybase Unwired Platform.
Role mappings (which are set at the domain and package level) that map logical roles to back end physical roles.

A user entry must be stored in the security repository used by the configured security provider to access any resources (that is, either a Sybase Control Center administration feature or an application package that accesses data sets from a back-end data source). When a user attempts to access a particular resource, Unwired Server tries to authenticate and authorize the user, by checking the security repository for:

Security access policies on the requested resource
Role memberships

Creating a Security Configuration
Create and name a set of security providers and physical security roles to protect Sybase Unwired Platform resources.
Assigning a Security Configuration to a Domain
Assign security configurations to one or more domains. This allows the supAdmin to offer a security repository for application user authentication and authorization, as well as to share security providers across domains in case one tenant uses mutiple domains.
Viewing Security Configuration Usage
You can view the security configurations and logical roles used to access applications. This enables you to assess the impact of changing a security configuration or logical role.
Anonymous Access Security Configuration
Allow unauthenticated users access to application data, for example, applications that allow users to browse a read-only product catalog without logging in by assigning the anonymous security configuration to the application.
SiteMinder Authentication with Sybase Unwired Platform
Configure your SiteMinder environment for authentication in Sybase Unwired Platform.

Parent topic: Administer

Related tasks

Configuring Domain Security

Creating Logical Roles for a Security Configuration

Mapping a Physical Role Manually