In most cases, you enable
Derby security features
through the use of properties. It is important to understand the best way to set
properties for your environment.
Derby does
not come with a built-in superuser. For that reason, be careful to follow these
steps when you configure
Derby for user authentication
and user authorization.
- When first working with security, work with system-level properties only
so that you can easily override them if you make a mistake. See
"Scope of properties" and "Setting system-wide properties" in the
Derby Developer's Guide for more information.
- Be sure to create at least one valid user, and grant that user full
(read-write) access. For example, you might always want to create a user called
sa with the password
derby while
you are developing.
- Test the authentication system while it is still configured at the system
level. Be absolutely certain that you have configured the system correctly
before setting the properties as database-level properties.
- Before disabling system-level properties (by setting
derby.database.propertiesOnly to true), test that at least one
database-level read-write user (such as sa) is valid. If you do
not have at least one valid user that the system can authenticate, you will not
be able to access your database.