Setting up Derby to use your LDAP directory service

When specifying LDAP as your authentication service, you must specify what LDAP server to use.

To connect to the OpenDS LDAP server, add the following lines to your configuration file, derby.properties. You may also want to store these properties in your database and lock them down by setting the derby.database.propertiesOnly property (see for an example of how to lock down database properties):

    derby.connection.requireAuthentication=true
    derby.authentication.server=ldap://127.0.0.1:1389
    derby.authentication.provider=LDAP
    derby.authentication.ldap.searchAuthPW=YOUR_SELECTED_PASSWORD
    derby.authentication.ldap.searchAuthDN=cn=Directory Manager
    derby.authentication.ldap.searchBase=dc=example,dc=com
    derby.authentication.ldap.searchFilter=objectClass=person

Finally, start ij in the directory where you created your derby.properties file (this ensures that embedded Derby will come up with the authentication settings listed above). Run the following commands:

    java org.apache.derby.tools.ij
    ij version 10.11
    ij> connect 'jdbc:derby:testdb;create=true;user=tquist;password=tquist';

Verify that authentication works by trying to connect again, this time with bad credentials:

    java org.apache.derby.tools.ij
    ij version 10.11
    ij> connect 'jdbc:derby:testdb;create=true;user=tquist;password=badpassword';
    ERROR 08004: Connection authentication failure occurred. Reason: Invalid authentication...

When you set the property derby.authentication.server, you can specify the LDAP server using just the server name, the server name and its port number separated by a colon, or an LDAP URL as shown in the example. If you do not provide a full URL, Derby will by default use unencrypted LDAP. To use SSL-encrypted LDAP, specify a URL that starts with ldaps://. For details on the derby.authentication.server and derby.authentication.provider properties, see the .
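The following Python check is an added example, not part of the Derby documentation: it reads derby.properties text and reports whether the derby.authentication.server value, in any of the three forms described above, resolves to cleartext or SSL LDAP. The default ports (389 for ldap, 636 for ldaps), the simplified key=value parsing, and the function names are assumptions of this example.

```python
from urllib.parse import urlsplit
# Constructed sample: the derby.properties lines from this page.
SAMPLE = """\
derby.connection.requireAuthentication=true
derby.authentication.server=ldap://127.0.0.1:1389
derby.authentication.provider=LDAP
derby.authentication.ldap.searchAuthPW=YOUR_SELECTED_PASSWORD
derby.authentication.ldap.searchAuthDN=cn=Directory Manager
derby.authentication.ldap.searchBase=dc=example,dc=com
derby.authentication.ldap.searchFilter=objectClass=person
"""

def parse_properties(text):
    """Simplified key=value parser (assumption: no ':' separators or continuations)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!":
            key, _, value = line.partition("=")  # first '=' only, so DNs survive
            props[key.strip()] = value.strip()
    return props

def classify_server(value):
    """Return (scheme, host, port) for a derby.authentication.server value."""
    if "://" not in value:
        value = "ldap://" + value  # bare host or host:port means unencrypted LDAP
    url = urlsplit(value)
    scheme = url.scheme.lower()
    if scheme not in ("ldap", "ldaps") or not url.hostname:
        raise ValueError("not an LDAP server value: " + value)
    # Assumption: standard default ports, 389 for ldap and 636 for ldaps.
    return scheme, url.hostname, url.port or (636 if scheme == "ldaps" else 389)

def audit(text):
    p = parse_properties(text)
    findings = []
    if p.get("derby.connection.requireAuthentication", "").lower() != "true":
        findings.append("derby.connection.requireAuthentication is not true")
    if p.get("derby.authentication.provider") != "LDAP":
        findings.append("derby.authentication.provider is not LDAP")
    scheme, host, port = classify_server(p.get("derby.authentication.server", ""))
    if scheme == "ldap":
        findings.append(f"cleartext LDAP to {host}:{port}; use an ldaps:// URL")
    if "derby.authentication.ldap.searchAuthPW" in p:
        findings.append("searchAuthPW is stored in this file; restrict who can read it")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Run against the sample from this page, it reports the cleartext ldap:// connection and the search password kept in the file.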

If you run Java DB under a Java security manager, your policy file will need to grant the privilege to connect to the LDAP server. To see how to do this, consult the policy file shown in . Specifically, you will need to grant java.net.SocketPermission to derby.jar, so that the code is allowed to contact the LDAP server to perform the authentication. See for more information.