List of user authentication properties

The following table summarizes the Derby properties related to user authentication.

For details on these properties, see the Java DB Reference Manual.

Table 1. User authentication properties
Property Name Use
derby.authentication.provider Specifies the kind of user authentication to use.
derby.authentication.builtin.algorithm Specifies the message digest algorithm to use to protect the passwords that are stored in the database when using NATIVE or BUILTIN authentication.
derby.authentication.builtin.iterations Specifies the number of times to apply the hash function specified by the message digest algorithm.
derby.authentication.builtin.saltLength Specifies the number of bytes of random salt that will be added to users' credentials before hashing them.
derby.authentication.native.passwordLifetimeMillis Specifies the number of milliseconds that a password used for NATIVE authentication remans valid.
derby.authentication.native.passwordLifetimeThreshold Specifies the threshold that triggers a password-expiration warning for NATIVE authentication.
derby.connection.requireAuthentication Turns on user authentication. If NATIVE authentication is used, Derby behaves as if this property is set to TRUE.
derby.authentication.server For LDAP user authentication, specifies the location of the server.
derby.authentication.ldap.searchAuthDN, derby.authentication.ldap.searchAuthPW, derby.authentication.ldap.searchFilter, and derby.authentication.ldap.searchBase Configures the way that DN searches are performed.
derby.user.UserName Creates a user name and password for the BUILTIN user repository in Derby.
java.naming.* JNDI properties. See Appendix A in the JNDI API reference ( di/properties.html) for more information about these properties.
Important: Derby's BUILTIN authentication mechanism is suitable only for development and testing purposes, and it will no longer be documented in future releases. It is strongly recommended that production systems rely on NATIVE authentication, an external directory service such as LDAP, or a user-defined class for authentication. It is also strongly recommended that production systems protect network connections with SSL/TLS.
Related concepts
Using NATIVE authentication
Enabling user authentication
Defining users
External directory service
Programming applications for Derby user authentication