Configuring security in an embedded environment
Derby Developer's Guide
4. Configure user authorization for sensitive databases in your system. Only
designated users will be able to access sensitive databases. You typically configure
user authorization with database-level properties. It is also possible to configure
user authorization with system-level properties. This is useful when you are
developing systems or when all databases have the same level of sensitivity.
5. Check and, if necessary, configure your Derby network security according to your
environment. See the section "Network client security" in the Derby Server and
Administration Guide.
Configuring security in an embedded environment
In an embedded environment, typically there is only one database per system and there
are no administrative resources to protect databases.
To configure security in an embedded environment:
1. Encrypt the database when you create it.
2. Configure all security features as database-level properties. These properties are
stored in the database (which is encrypted). See
and
for more information.
3. Turn on protection for database-level properties so that they cannot be overridden
by system properties by setting the derby.database.propertiesOnly property to
TRUE. See the Derby Reference Manual for details on this property.
4. To prevent unauthorized users from accessing databases once they are booted,
turn on user authentication for the database and configure user authorization for the
database.
5. If you are using Derby's built-in users, configure each user as a database-level
property so that user names and passwords can be encrypted.
> Important: Derby's built-in authentication mechanism is suitable only for
development and testing purposes. It is strongly recommended that production
systems rely on LDAP or a user-defined class for authentication. It is also strongly
recommended that production systems protect network connections with SSL/TLS.
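The five steps above, carried out over JDBC from an embedded application. This is an added example, not code from the Derby guide. The database name, user name and both passwords are constructed placeholders, and it assumes derby.jar is on the classpath. It uses the built-in user repository from step 5, which the note above limits to development and testing.

```java
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

public class SecureEmbeddedDb {
    // Hypothetical names and secrets, constructed for this example.
    // A real application obtains them at run time instead of hard-coding them.
    static final String DB = "secureDB";
    static final String BOOT_PASSWORD = "example-Boot-Passw0rd";
    static final String ADMIN = "appadmin";
    static final String ADMIN_PASSWORD = "example-Admin-Passw0rd";

    // Step 2: every setting is stored as a database-level property.
    static void setDbProperty(Connection c, String key, String value) throws SQLException {
        try (CallableStatement cs = c.prepareCall(
                "CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(?, ?)")) {
            cs.setString(1, key);
            cs.setString(2, value);
            cs.execute();
        }
    }

    public static void main(String[] args) throws SQLException {
        // Step 1: encrypt the database at creation time.
        String url = "jdbc:derby:" + DB
                + ";create=true;dataEncryption=true;bootPassword=" + BOOT_PASSWORD;
        try (Connection c = DriverManager.getConnection(url)) {
            // Step 5: define the built-in user inside the (encrypted) database.
            setDbProperty(c, "derby.user." + ADMIN, ADMIN_PASSWORD);
            // Step 4 (authentication): require a valid name and password.
            setDbProperty(c, "derby.authentication.provider", "BUILTIN");
            setDbProperty(c, "derby.connection.requireAuthentication", "true");
            // Step 4 (authorization): deny by default, grant access by name.
            setDbProperty(c, "derby.database.fullAccessUsers", ADMIN);
            setDbProperty(c, "derby.database.defaultConnectionMode", "noAccess");
            // Step 3: set last, so that system properties can no longer
            // override the database-level values configured above.
            setDbProperty(c, "derby.database.propertiesOnly", "true");
        }
    }
}
```

Shut down and reboot the database after running this so that all of the settings are in effect; later connections must then supply the boot password on first boot and the user name and password on every connection.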
Working with user authentication
Derby provides support for user authentication and user authorization. User
authentication means that Derby authenticates the name and password for a user before
allowing that user access to the system. User authorization allows access to a particular
database. You are strongly urged to implement both authentication and authorization on
any multi-user database used in production.
When user authentication is enabled (which it is not by default), the user requesting a
connection must provide a valid name and password, which Derby verifies against the
repository of users defined for the system. After Derby authenticates the user, it grants
the user access to the Derby system but not necessarily access to the database made in
the connection request. In the Derby system, access to a database is determined by
For user authentication, Derby allows you to provide a repository of users in a number
of different ways. For example, you can hook Derby up to an external directory service
elsewhere in your enterprise, create your own directory service, or use Derby's simple
mechanism for creating a built-in repository of users.
> Important: Derby's built-in authentication mechanism is suitable only for development
and testing purposes. It is strongly recommended that production systems rely on an
external directory service such as LDAP or a user-defined class for authentication. It is