Use the derby.database.sqlAuthorization property to enable SQL standard authorization.
The derby.database.sqlAuthorization property controls the ability for object owners to grant and revoke permission for users to perform actions on database objects. It also controls the ability for users to create, set, and drop roles.
The valid settings for the derby.database.sqlAuthorization property are:
The default setting for the derby.database.sqlAuthorization property is FALSE.
The derby.database.sqlAuthorization property is usable only if the property derby.connection.requireAuthentication is also set to true, since SQL authorization is of no value unless authentication is also enabled.
After you set the derby.database.sqlAuthorization property to TRUE, you cannot set the property back to FALSE.
You can set the derby.database.sqlAuthorization property as a system property or as a database property. If you set this property as a system property before you create the databases, all new databases will automatically have SQL authorization enabled. If the databases already exists, you can set this property only as a database property.
To enable SQL standard authorization for the entire system, set the derby.database.sqlAuthorization property as a system property:
derby.database.sqlAuthorization=true
To enable SQL standard authorization for a specific database, set the derby.database.sqlAuthorization property as a database property:
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY( 'derby.database.sqlAuthorization', 'true')