Configuring security for your environment In most cases, you enable 's security features through the use of properties. It is important to understand the best way of setting properties for your environment. Securityconfiguring

does not come with a built-in superuser. For that reason, be careful when configuring for user authentication and user authorization.

  1. When first working with security, work with system-level properties only so that you can easily override them if you make a mistake.
  2. Be sure to create at least one valid user, and grant that user full (read-write) access. For example, you might always want to create a user called sa with the password while you are developing.
  3. Test the authentication system while it is still configured at the system level. Be absolutely certain that you have configured the system correctly before setting the properties as database-level properties.
  4. Before disabling system-level properties (by setting derby.database.propertiesOnly to true), test that at least one database-level read-write user (such as sa) is valid. If you do not have at least one valid user that the system can authenticate, you will not be able to access your database.