When running Derby in embedded mode or when using the Derby Network Server, you can enable or disable server-side user authentication. However, when using the Network Server, the default security mechanism (CLEAR_TEXT_PASSWORD) requires that you supply both the user name and password.
In addition to the default user name and password security mechanism, org.apache.derby.jdbc.ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY, Derby Network Server supports the following security properties:
When using this mechanism, you must specify only the user property.
When using this mechanism, both password and user id are encrypted.
When using this mechanism, a strong password substitute is generated and used to authenticate the user with the network server. The original password is never sent in any form across the network.
The user's name that is specified upon connection is the default schema for the connection, if a schema with that name exists. See the Derby Developer's Guide for more information on schema and user names.
If you specify any other security mechanism, you will receive an exception.
To change the default, you can specify another security mechanism either as a property or on the URL (using the securityMechanism attribute) when making the connection.