Derby Server and Administration Guide
There is no automatic failover or restart of replication after one of the instances has
failed.
Replication and security
If you want to perform replication with the security manager enabled, you must modify
the security policy file on both the master and slave systems to allow the master-slave
network connection. The section to be modified is the one following this line:
    grant codeBase "${derby.install.url}derby.jar"

Add the following permission to the policy file on the master system:

    permission java.net.SocketPermission "slaveHost:slavePort", "connect,resolve";

Add the following permission to the policy file on the slave system:

    permission java.net.SocketPermission "slaveHost", "accept,resolve";

slaveHost and slavePort are the values you specify for the slaveHost=hostname and
slavePort=portValue attributes, which are described in the Derby Reference Manual.
See
for details on the security policy file.
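
As an added example (not part of the Derby guide or the Derby project's code), the following Python script checks a policy file for the replication permission described above and lists any other SocketPermission entries found in the derby.jar grant block, so that entries wider than the one the guide asks for get reviewed. The sample policy text, the host slave.example.com and the port 4851 are constructed values, and the role names passed to audit() are this example's own.

```python
import re

# The grant block the guide says to modify: the one for derby.jar.
GRANT_RE = re.compile(
    r'grant\s+codeBase\s+"\$\{derby\.install\.url\}derby\.jar"\s*\{(.*?)\}\s*;',
    re.S)
PERM_RE = re.compile(
    r'permission\s+java\.net\.SocketPermission\s+"([^"]+)"\s*,\s*"([^"]+)"\s*;')

# Constructed sample: master-side policy; host and port are made-up values.
SAMPLE_MASTER_POLICY = '''
grant codeBase "${derby.install.url}derby.jar" {
  permission java.io.FilePermission "${derby.system.home}${/}-", "read,write,delete";
  // permission java.net.SocketPermission "*", "connect,resolve";
  permission java.net.SocketPermission "slave.example.com:4851", "connect,resolve";
};
'''
# Same file with the wildcard line uncommented: required entry plus a wide one.
SAMPLE_WEAK_POLICY = SAMPLE_MASTER_POLICY.replace("// permission", "permission")


def socket_permissions(policy_text):
    """Return [(target, {actions})] found in the derby.jar grant block."""
    # Drop whole-line // comments so disabled permissions are not counted.
    text = re.sub(r'(?m)^\s*//.*$', '', policy_text)
    block = GRANT_RE.search(text)
    if block is None:
        return []
    return [(target, {a.strip() for a in actions.split(",")})
            for target, actions in PERM_RE.findall(block.group(1))]


def audit(policy_text, role, slave_host, slave_port):
    """Return (required_permission_present, other_socket_targets)."""
    if role == "master":
        want_target, want_actions = f"{slave_host}:{slave_port}", {"connect", "resolve"}
    else:  # slave
        want_target, want_actions = slave_host, {"accept", "resolve"}
    perms = socket_permissions(policy_text)
    present = any(t == want_target and want_actions <= a for t, a in perms)
    # Any other target, or extra actions, goes beyond what the guide asks for.
    other = [t for t, a in perms if t != want_target or a - want_actions]
    return present, other


if __name__ == "__main__":
    for name, text in (("scoped", SAMPLE_MASTER_POLICY), ("weak", SAMPLE_WEAK_POLICY)):
        print(name, audit(text, "master", "slave.example.com", 4851))
```
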
Depending on the security mode Derby is running under, the measures described in the
following table are enforced when you specify the replication-related connection URL
attributes.

Table 12. Replication behavior with Derby security

| Security Mode | Replication Attribute Requirements |
|---|---|
| No security | Anyone may specify the replication attributes |
| Authentication is turned on | Normal Derby connection policy: specify valid user=userName and password=userPassword attributes |
| Authorization is turned on | The user=userName and password=userPassword attributes must be valid, and the user must be the owner of the replicated database |

Replication failure handling
Replication can encounter several failure situations. The following table lists these
situations and describes the actions that Derby takes as a result.

Table 13. Replication failure handling

| Failure Situation | Action Taken |
|---|---|
| Master loses connection with slave. | Transactions are allowed to continue processing while the master tries to reconnect with the slave. Log records generated while the connection is down are buffered in main memory. If the log buffer reaches its size limit before the connection can be reestablished, the master replication functionality is stopped. You can use the property |