Mapping Roles for Domains, Packages, or Applications

Role mappings can occur at two levels. Package level mappings override the mappings set at the default level. A default level is a level from which the role mapping is inherited.

Unwired Platform uses a role mapper to map logical and physical roles during an access control check. This allows developers to create applications that incorporate a logical access control policy. When the application is deployed, a security administrator can work with the developer to understand what the logical roles in the application were intended to do and map these logical roles to physical roles that exist in the real security system.

Default SUP Roles
Default Unwired Platform roles are logical roles that are built into the system.
Mapping State Reference
The mapping state determines the authorization behavior for a logical name instance.
Dynamically Mapping Physical Roles to Logical Roles
Map roles at either a domain or package level, depending on the scope requirements of a particular binding. If you use a particular role mapping for a package and a different role mapping at the domain level, the package mapping overrides the domain-level mapping.

Parent topic: Server Security

Parent topic: Enabling Authentication and RBAC for User Logins

Previous topic: Assigning Security Configurations to Domains, Packages, or Applications