Return-Path: 
 <derby-user-return-5266-apmail-db-derby-user-archive=db.apache.org@db.apache.org>
Delivered-To: apmail-db-derby-user-archive@www.apache.org
Received: (qmail 29707 invoked from network); 23 Sep 2006 21:16:52 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 23 Sep 2006 21:16:52 -0000
Received: (qmail 28824 invoked by uid 500); 23 Sep 2006 21:16:51 -0000
Delivered-To: apmail-db-derby-user-archive@db.apache.org
Received: (qmail 28805 invoked by uid 500); 23 Sep 2006 21:16:51 -0000
Mailing-List: contact derby-user-help@db.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:derby-user-help@db.apache.org>
list-unsubscribe: <mailto:derby-user-unsubscribe@db.apache.org>
List-Post: <mailto:derby-user@db.apache.org>
List-Id: <derby-user.db.apache.org>
Reply-To: "Derby Discussion" <derby-user@db.apache.org>
Delivered-To: mailing list derby-user@db.apache.org
Received: (qmail 28792 invoked by uid 99); 23 Sep 2006 21:16:51 -0000
Received: from idunn.apache.osuosl.org (HELO idunn.apache.osuosl.org)
 (140.211.166.84)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 23 Sep 2006 14:16:51 -0700
Authentication-Results: idunn.apache.osuosl.org
 header.from=kartha02@gmail.com; domainkeys=good
Authentication-Results: idunn.apache.osuosl.org smtp.mail=kartha02@gmail.com;
 spf=pass
X-ASF-Spam-Status: No, hits=0.5 required=5.0 tests=DNS_FROM_RFC_ABUSE
Received-SPF: pass (idunn.apache.osuosl.org: domain gmail.com designates
 64.233.166.182 as permitted sender)
DomainKey-Status: good
X-DomainKeys: Ecelerity dk_validate implementing
 draft-delany-domainkeys-base-01
Received: from [64.233.166.182] ([64.233.166.182:63558]
 helo=py-out-1112.google.com)
	by idunn.apache.osuosl.org (ecelerity 2.1.1.8 r(12930)) with ESMTP
	id 51/40-04916-044A5154 for <derby-user@db.apache.org>;
 Sat, 23 Sep 2006 14:16:49 -0700
Received: by py-out-1112.google.com with SMTP id d80so1967831pyd
        for <derby-user@db.apache.org>; Sat, 23 Sep 2006 14:16:45 -0700 (PDT)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
        s=beta; d=gmail.com;
        h=received:message-id:date:from:user-agent:x-accept-language:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding;
        b=lBJ1xfrFd0WXqsN2usvGR3Mbn296gXtINczS2BaggDsq6l+tqFxOFa46UtoJekUXWes2xgMsgNP7/w+Y0SW7djbMhL6dmwZG9oPiKqfFNitqMKGaUIRfvjR90G7wcdu8J3kNYuGE2LznUrX8pgZKByiDAIkBMainDKYWEBB3oKI=
Received: by 10.65.176.3 with SMTP id d3mr2344217qbp;
        Sat, 23 Sep 2006 14:16:45 -0700 (PDT)
Received: from ?192.168.0.2? ( [24.6.28.116])
        by mx.gmail.com with ESMTP id a29sm649359qbd.2006.09.23.14.16.44;
        Sat, 23 Sep 2006 14:16:45 -0700 (PDT)
Message-ID: <4515A405.3020707@gmail.com>
Date: Sat, 23 Sep 2006 14:15:49 -0700
From: Rajesh Kartha <kartha02@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US;
 rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Derby Discussion <derby-user@db.apache.org>
Subject: Re: derby security
References: <b262b1970608290100j3002df2cy4467e7b8eeac4280@mail.gmail.com>
	 <44F3FBF6.4090802@sun.com>
	 <7921d3e40608291747yde840ban75bcad8c3ac4f8a0@mail.gmail.com>
 <b262b1970609231036r61ac1c8am1ba598fa7d052d58@mail.gmail.com>
In-Reply-To: <b262b1970609231036r61ac1c8am1ba598fa7d052d58@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

Hello,

The 'derby.connection.requireAuthentication' need to set as system 
property (using -D)  while running your application
or as a database property (within the database).

More info at:
http://db.apache.org/derby/docs/dev/tuning/rtunproper27467.html

Also, there is some discussion on this in one of the JIRA issues at:
http://issues.apache.org/jira/browse/DERBY-1711

 From you example you seem to pass the property as Connection properties 
which has a limited scope.

Hope the above helps. Do post to the list should you have further questions.

-Rajesh


Hong Ji wrote:

> The ij is still able to access the database without user name and 
> password.
>  
> I set properties and create new database in java as following:
>  
>         m_dbProperties = new Properties();
>         m_dbProperties.put("user", "admin");
>         m_dbProperties.put("password", "adminadmin");
>         m_dbProperties.put(" derby.driver", 
> "org.apache.derby.jdbc.EmbeddedDriver");
>         m_dbProperties.put("derby.url", "jdbc:derby:");
>         m_dbProperties.put("derby.connection.requireAuthentication ", 
> "true");
>  
>         m_dbProperties.put("create", "true");
>         
>         dbConnection = DriverManager.getConnection(dbUrl, m_dbProperties);
>       
> Is something still not set up properly?
>  
> Thanks.
>  
> Hong
>  
>  
>  
> On 8/29/06, *Francois Orsini* <francois.orsini@gmail.com 
> <mailto:francois.orsini@gmail.com>> wrote:
>
>     and make sure to re-boot the database or derby instance for the
>     'derby.connection.requireAuthentication' property to be taken into
>     account...It is a static property.
>
>
>     On 8/29/06, *Fernanda Pizzorno* <Fernanda.Pizzorno@sun.com
>     <mailto:Fernanda.Pizzorno@sun.com>> wrote:
>
>         To enable user authentication in Derby you must set the
>         /derby.connection.requireAuthentication/ property to true.
>
>         You can find more information about derby security on "Derby and
>         Security" in "/Derby Developer's Guide"
>         ( http://db.apache.org/derby/docs/dev/devguide/
>         <http://db.apache.org/derby/docs/dev/devguide/>).
>
>         Fernanda
>         /
>         Hong Ji wrote:
>> Hello,
>>
>> I created a derby database in Java with user name and password.
>> However, the
>> ij tool can open and view the database without input of the
>         user name or
>> password.
>>
>> So how could a derby database be protected? Anyone can use ij
>         to view the
>> database?
>>
>> Thanks.
>>
>> Hong Ji
>>
>
>
>