Derby and security

Derby can be deployed in a number of ways and in a number of different environments. The security needs of the Derby system are also diverse.

Derby supplies or supports the following optional security mechanisms:

• User authentication

  Derby verifies user names and passwords before permitting them access to the Derby system.

• User authorization

  A means of granting specific users permission to read a database or to write to a database.

• Disk encryption

  A means of encrypting Derby data stored on disk.

• Validation of certificates for signed jar files

  Derby validates certificates for classes loaded from signed jar files.

• Network encryption and authentication

  Derby network traffic may be encrypted with SSL/TLS. SSL/TLS certificate authentication is also supported. See "Network encryption and authentication with SSL/TLS" in the Derby Server and Administration Guide for details.

The following figure shows some of the Derby security mechanisms at work in a client/server environment. User authentication is performed by accessing an LDAP directory service. The data in the database is not encrypted in this trusted environment.

The following figure shows how another Derby security mechanism, disk encryption, protects data when the recipient might not know how to protect data. It is useful for databases deployed in an embedded environment.

• Configuring security for your environment
  In most cases, you enable Derby's security features through the use of properties. It is important to understand the best way of setting properties for your environment.
• Working with user authentication
  Derby provides support for user authentication and user authorization. User authentication means that Derby authenticates the name and password for a user before allowing that user access to the system. User authorization allows access to a particular database. You are strongly urged to implement both authentication and authorization on any multi-user database used in production.
• Users and authorization identifiers
  User names within the Derby system are known as authorization identifiers. The authorization identifier is a string that represents the name of the user, if one was provided in the connection request.
• User authorizations
  When you specify user authorizations, Derby verifies that a user has been granted permission to access a system, database, object, or SQL action.
• Encrypting databases on disk
  Derby provides a way for you to encrypt your data on disk.
• Signed jar files
  In a Java 2 environment, Derby can detect digital signatures on jar files. When attempting to load a class from a signed jar file stored in the database, Derby will verify the validity of the signature.
• Notes on the Derby security features
  TheDerby security model has some basic limitations.
• User authentication and authorization examples
  This section provides examples on using user authentication and authorization in Derby in either a client/server environment or in an embedded environment.
• Running Derby under a security manager
  When running within an application or application server with a Java 2 Security Manager enabled, Derby must be granted certain permissions to execute and access database files.