Friday, August 24, 2007

Password encryption in Derby 10.3

A reader asked if password encryption is enabled by default in 10.3. I checked with the Derby team, and the answer is, no, the password is still sent in the clear by default in 10.3. You have to enable it by setting the securityMechanism property on the URL.

See http://db.apache.org/derby/docs/dev/ref/rrefattribsecmech.html for more details.

No comments: