Specifies the search filter to use to determine what constitutes a user (and other search predicate) for Derby searches for a full DN during user authentication.
If you set this property to derby.user, Derby looks for cached full DNs for users that you have defined with the derby.user.UserName property. For other users, Derby performs a search using the default search filter.
For more information about LDAP user authentication, see "LDAP Directory Service" in Chapter 7 of the Derby Developer's Guide.
derby.authentication.ldap.searchFilter= { searchFilter | derby.user)
(&(objectClass=inetOrgPerson)(uid=userName))
-- system-wide properties derby.authentication.ldap.searchFilter=objectClass=person ## people in the marketing department ## Derby automatically adds (uid=<userName>) derby.authentication.ldap.searchFilter=(&(ou=Marketing) (objectClass=person)) ## all people but those in marketing ## Derby automatically adds (uid=<userName>) derby.authentication.ldap.searchFilter=(&(!(ou=Marketing) (objectClass=person)) ## map %USERNAME% to user, not uid derby.authentication.ldap.searchFilter=(&((ou=People) (user=%USERNAME%)) ## cache user DNs locally and use the default for others derby.authentication.ldap.searchFilter=derby.user -- database-wide property CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY( 'derby.authentication.ldap.searchFilter', 'objectClass=person')
Static. For system-wide properties, you must reboot Derby for the change to take effect. For database-wide properties, you must reboot the database for the change to take effect.