To connect to the OpenDS LDAP server, add the following lines to your
configuration file,
derby.properties. You may also want to store these properties
in your database and lock them down by setting the
derby.database.propertiesOnly property (see
for an example of how to lock down
database properties):
derby.connection.requireAuthentication=true
derby.authentication.server=ldap://127.0.0.1:1389
derby.authentication.provider=LDAP
derby.authentication.ldap.searchAuthPW=YOUR_SELECTED_PASSWORD
derby.authentication.ldap.searchAuthDN=cn=Directory Manager
derby.authentication.ldap.searchBase=dc=example,dc=com
derby.authentication.ldap.searchFilter=objectClass=person
Finally, start ij in the directory where you created your
derby.properties (this ensures that embedded
will come up with the
authentication settings listed above). Run the following commands:
java org.apache.derby.tools.ij
ij version 10.11
ij> connect 'jdbc:derby:testdb;create=true;user=tquist;password=tquist';
Verify that authentication works by trying to connect again, this time with
bad credentials:
java org.apache.derby.tools.ij
ij version 10.11
ij> connect 'jdbc:derby:testdb;create=true;user=tquist;password=badpassword';
ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication...
When you set the property derby.authentication.server, you
can specify the LDAP server using just the server name, the server name and its
port number separated by a colon, or an ldap URL as shown in
the example. If you do not provide a full URL,
will by default use
unencrypted LDAP. To use SSL encrypted LDAP, specify a URL that starts with
ldaps://. For details on the
derby.authentication.server and
derby.authentication.provider properties, see the
.
If you run Java DB under a Java security manager, your policy file will
need to grant the
privilege to connect to the LDAP server. To see how to do this, consult the
policy file shown in .
Specifically, you will need to grant java.net.SocketPermission
to derby.jar, so that the
code is allowed to
contact the LDAP server to perform the authentication. See
for more
information.