Built-in Derby Users

Derby provides a simple, built-in repository of user names and passwords.

To use the built-in repository, set derby.authentication.provider to BUILTIN. Using built-in users is an alternative to using an external directory service such as LDAP.


You can create user names and passwords for Derby users by specifying them with the derby.user.UserName property.

These user names are case-sensitive for user authorization. User names are SQL92Identifiers. Delimited identifiers are allowed:

For more information on user names and SQL92Identifiers, see Users and Authorization Identifiers.

For passwords, it is a good idea not to use words that would be easily guessed, such as a login name or simple words or numbers. A password should be a mix of numbers and upper- and lowercase letters.

Database-Level Properties

When you create users with database-level properties, those users are available to the specified database only.

You set the property once for each user. To delete a user, set that user's password to null.

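-- adding the user sa with password 'derbypass'
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.user.sa', 'derbypass');
-- adding the user mary with password 'little7xylamb'
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.user.mary', 'little7xylamb');
-- removing mary by setting password to null
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
    'derby.user.mary', null);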

System-Level Properties

When you create users with system-level properties, those users are available to all databases in the system.

You set the value of this system-wide property once for each user, so you can set it several times. To delete a user, remove that user from the file.

You can define this property in the usual ways--typically in the derby.properties file. For more information about setting properties, see Tuning Derby.

Here is a sample excerpt from the derby.properties file:

# Users definition
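
The system-level derby.user.UserName entries and the password advice given earlier can be checked mechanically. The following Python script is an added example, not part of the Derby documentation; it assumes a derby.properties file with one key=value pair per line (no escapes or line continuations), and the sample file contents, the user names guest and ops, and all function names are constructed for illustration.

```python
import re

# Constructed sample derby.properties content; all values are illustrative only.
SAMPLE = """\
# Users definition
derby.authentication.provider=BUILTIN
derby.user.sa=derbypass
derby.user.mary=little7xylamb
derby.user.guest=guest
derby.user.ops=Tr4ceRoute9Lima
"""

# Character classes the page asks for: numbers, lowercase and uppercase letters.
CHECKS = [
    (r"[0-9]", "no digit"),
    (r"[a-z]", "no lowercase letter"),
    (r"[A-Z]", "no uppercase letter"),
]

def parse_properties(text):
    """Parse simple key=value lines; '#' and '!' start comment lines."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def password_problems(user, password):
    """Flag a password equal to the login name or lacking a character class."""
    problems = ["same as user name"] if password.lower() == user.lower() else []
    problems += [msg for pattern, msg in CHECKS if not re.search(pattern, password)]
    return problems

def audit(text):
    """Return (provider_is_builtin, {user: [problems]}) for derby.user.* entries."""
    props = parse_properties(text)
    # Compared against the exact value given in the text above.
    builtin = props.get("derby.authentication.provider") == "BUILTIN"
    prefix = "derby.user."
    findings = {k[len(prefix):]: password_problems(k[len(prefix):], v)
                for k, v in props.items() if k.startswith(prefix)}
    return builtin, findings

if __name__ == "__main__":
    builtin, findings = audit(SAMPLE)
    print("BUILTIN provider configured:", builtin)
    for user, problems in findings.items():
        print(f"{user}: {', '.join(problems) or 'ok'}")
```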

