Authorization

An access policy rule describes which user identity or role is authorized to access a specific resource under named or configured conditions. Unwired Server can be configured to include an authorization provider to authorize device users to access sensitive enterprise data. Sybase Control Center can also authorize administrators to access the complete set of Unwired Platform administration functionality, but domain administrators to only domain specific parts.

Unwired Server authorizes devices users with an authentication provider defined in a new security configuration configured by the platform administrator in Sybase Control Center. By contrast, Sybase Control Center authorizes administrators with the "admin" security configuration in the "default" domain.

Security providers only act as policy enforcers, and therefore do not allow administrators or domain administrators to directly:

• Define, modify, grant, revoke, or delete policies in the enterprise security repository. Only the security administrator has that privilege.
• Manage roles in the enterprise security repository.

  If you require roles, the physical role must exist in the repository. Administrators then later map the logical role used in the mobile business object to this physical role equivalent.

Instead, you must use the third-party administration tools available exclusively for that purpose.