Unwired Server requires administrators to configure security provider for device users. The production environment for your device applications may require you to create multiple security configurations of different types of providers.
Use Sybase Control Center to configure security providers for device users security.
For example, a company sales employee needs to look up a client's phone number in a phone book device application. This authentication sequence allows the sales employee to access data from the phone book application:
- The employee tries to open the application, which prompts for a user name and password, which is local to the device, and not explicitly tied to a corporate security account.
- The first time the application is opened, the employee must synchronize the customer MBO to access the client phone number.
- Unwired Server gets an authentication request.
- Unwired Server sends the request to the authentication provider that processes the login credentials.
- The provider checks the user name and password against information stored in authentication repository, in this case, an LDAP directory server on the corporate LAN.
- The directory server evaluates the access policy to see if the authenticated user has permission to
access this client's contact information.
- If the login request is valid, the user is authenticated. Because the employee has the correct access privileges, Unwired Server is notified and the resource request is fulfilled.
Note: The granularity of access control checks is at the MBO-class or MBO-operation level. Therefore, if the user has access to one customer record, he or she can access all customer records.
- If the login request is invalid, an error
is generated and authentication fails.