The derby.database.sqlAuthorization property controls
the ability for object owners to grant and revoke permission for users to
perform actions on database objects. It also controls the ability for users
to create, set, and drop roles.
The valid settings for the derby.database.sqlAuthorization property
are:
The default setting for the derby.database.sqlAuthorization property
is FALSE.
The derby.database.sqlAuthorization property is usable only
if the property derby.connection.requireAuthentication is also
set to true, since SQL authorization is of no value unless authentication is
also enabled.
After you set the derby.database.sqlAuthorization property
to TRUE, you cannot set the property back to FALSE.
You can set the derby.database.sqlAuthorization property
as a system property or as a database property. If you set this property as
a system property before you create the databases, all new databases will
automatically have SQL authorization enabled. If the databases already exists,
you can set this property only as a database property.
To enable SQL standard authorization for the entire system, set the derby.database.sqlAuthorization property
as a system property:
derby.database.sqlAuthorization=true
To enable SQL standard authorization for a specific database, set the derby.database.sqlAuthorization property
as a database property:
CALL SYSCS_UTIL.SYSCS_SET_DATABASE_PROPERTY(
'derby.database.sqlAuthorization',
'true')