If you use NATIVE authentication, you do not need to set the
derby.connection.requireAuthentication property. When you
create a database with NATIVE authentication, simply specify a username and
password, and that user becomes the database owner.
If you do not use NATIVE authentication, you must set the
derby.connection.requireAuthentication property to true to
enable user authentication; if you do not set this property,
Derby does
not require a user name and password. You can set this property as a system-wide
property or as a database-wide property. For a multi-user product, you would
typically set it for the system in the derby.properties file
for your server, since it is in a trusted environment.
Note: If you start a Derby system
with user authentication enabled but without defining at least one user, you
will not be able to shut down the system gracefully. When Derby is
running in a connectivity server and user authentication is turned on, stopping
the server requires a user name and password. You will need to alter shutdown
scripts accordingly.
Note:
Additionally, if you create and start
a
Derby system
with user authentication and
SQL authorization
both enabled, or plan to enable them later,
you should make sure you create
the database by connecting as the user that is to become the
database
owner.
If you neglect to supply a user when the database is created, the
database owner will by default become "APP". If you later enable
both authentication and SQL authorization and "APP" is a not valid
user name, you will not be able to perform operations restricted to
the database owner, including shutting down the database (as opposed
to the full system which may currently be shut down by any
authenticated user, see previous note). Nor will you be able to
(re)encrypt the database nor perform a full upgrade of it.