Configuring security in a client/server environment

This procedure requires a system with multiple databases and some administrative resources.

  1. Configure security features as system properties. See Scope of properties and Setting system-wide properties.
  2. Provide administrative-level protection for the derby.properties file and Derby databases. For example, you can protect these files and directories with operating system permissions and firewalls.
  3. Turn on user authentication for your system. All users must provide valid user IDs and passwords to access the Derby system. Use NATIVE authentication (or, alternatively, LDAP or a user-defined class).
    Important: It is also strongly recommended that production systems protect network connections with SSL/TLS.
  4. Configure SQL authorization for your databases.
  5. Check and if necessary configure your Derby network security according to your environment. See the section "Network client security" in the Derby Server and Administration Guide.