's
built-in authentication mechanism is suitable only for development and testing
purposes. It is strongly recommended that production systems rely on LDAP or a
user-defined class for authentication. It is also strongly recommended that
production systems protect network connections with SSL/TLS.
To use the built-in repository, set derby.authentication.provider to BUILTIN.
Using built-in users is an alternative to using an external directory service
such as LDAP.
derby.authentication.provider=BUILTIN
You can create user names and passwords for users
by specifying them with the derby.user.UserName property.
These user names are case-sensitive for user authentication. User names
are SQL92Identifiers. Delimited identifiers are allowed: derby.user."FRed"=java
For passwords, it is a good idea not to use words that would be easily
guessed, such as a login name or simple words or numbers. A password should
be a mix of numbers and upper- and lowercase letters.