Signed jar files

In a Java 2 environment, Derby can detect digital signatures on jar files. When attempting to load a class from a signed jar file stored in the database, Derby will verify the validity of the signature.

Note: The Derby class loader only validates the integrity of the signed jar file and that the certificate has not expired. Derby cannot ascertain whether the validity/identity of declared signer is correct. To validate identity, use a Security Manager (i.e., an implementation of java.lang.SecurityManager).

When loading classes from an application jar file in a Java 2 environment, Derby behaves as follows:

Note: Derby does not provide a security manager.

For more information about signed jar files, see the Java 2 specifications at

For more information about Java 2 security, go to

Related concepts
Class loading overview
Create jar files for your application
Add the jar file or files to the database
Enable database class loading with a property
Code your applications
Configuring security for your environment
Working with user authentication
Users and authorization identifiers
User authorizations
Encrypting databases on disk
Notes on the Derby security features
User authentication and authorization examples
Running Derby under a security manager