db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <rick.hille...@oracle.com>
Subject Re: password encryption for native authentication
Date Fri, 31 May 2013 15:35:25 GMT
On 5/31/13 7:46 AM, Katherine Marsden wrote:
> Does Derby implement some sort of password encryption for native 
> authentication?
>
> Sometimes,  I need to speak toward Derby's encryption capabilities in 
> the context of international export.  Normally I can just defer to the 
> java implementation for things like database encryption or SSL/TSL, 
> but I wonder if some encryption code has been added for Native 
> Authentication that needs to be considered.
>
> Thanks
>
> Kathey
>
Thanks for bringing up this topic, Kathey. Yes, the NATIVE passwords 
stored in SYS.SYSUSERS are encrypted. The encryption for a password is 
described by the corresponding SYS.SYSUSERS.HASHINGSCHEME column. The 
information in the HASHINGSCHEME column is used to construct a 
PasswordHasher for this purpose. The behavior of this hashing can be 
configured via the following Derby properties:

   derby.authentication.builtin.algorithm
   derby.authentication.builtin.iterations
   derby.authentication.builtin.saltLength

Thanks,
-Rick

Mime
View raw message