User authentication differences

When running Derby in embedded mode or when using the Derby Network Server, you can enable or disable server-side user authentication. However, when using the Network Server, the default security mechanism (CLEAR_TEXT_PASSWORD_SECURITY) requires that you supply both the user name and password.

In addition to the default user name and password security mechanism, org.apache.derby.jdbc.ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY, Derby Network Server supports the following security properties:

The user's name that is specified upon connection is the default schema for the connection, if a schema with that name exists. See the Derby Developer's Guide for more information on schema and user names.

If you specify any other security mechanism, you will receive an exception.

To change the default, you can specify another security mechanism either as a property or on the URL (using the securityMechanism=value attribute) when making the connection. For details, see Network client security and "securityMechanism=value attribute" in the Derby Reference Manual.

Whether the security mechanism you specify for the client actually takes effect depends upon the setting of the derby.drda.securityMechanism property for the Network Server. If the derby.drda.securityMechanism property is set, the Network Server accepts only connections that use the security mechanism specified by the property setting. If the derby.drda.securityMechanism property is not set, clients can use any valid security mechanism. For details, see derby.drda.securityMechanism property.

Related concepts
Differences between the embedded client and the network client driver
Updatable Result Sets
Differences in JDBC 3.0 methods
Differences using the Connection.setReadOnly method
Related reference
Error message differences