When running in embedded mode or when using the Network Server, you can enable or disable server-side user authentication. However, when using the Network Server, the default security mechanism (CLEAR_TEXT_PASSWORD) requires that you supply both the user name and password.

In addition to the default user name and password security mechanism, org.apache.derby.jdbc.ClientDataSource.CLEAR_TEXT_PASSWORD_SECURITY, Network Server supports the following security properties:

• UserID (org.apache.derby.jdbc.ClientDataSource.USER_ONLY_SECURITY)

  When using this mechanism, you must specify only the user property.

• Encrypted UserID and encrypted password (org.apache.derby.jdbc.ClientDataSource.ENCRYPTED_USER AND_PASSWORD_SECURITY)

  When using this mechanism, both password and user id are encrypted.

The user's name that is specified upon connection is the default schema for the connection, if a schema with that name exists. See the for more information on schema and user names.

If you specify any other security mechanism, you will receive an exception.

To change the default, you can specify another security mechanism either as a property or on the URL (using the securityMechanism attribute) when making the connection.