Details
Description
The Derby documentation does not make it clear that Derby's built-in authentication mechanism is intended for development and testing use but should not be deployed in production systems. Such systems should use LDAP or a user-written mechanism.
This should be fixed in the trunk and in the documentation for releases 10.1 through 10.5.
The note needs to be added to one topic in the Admin Guide, two topics in the Reference Manual (the Tuning Guide in 10.4 and earlier releases), and a varying number of topics in the Developer's Guide, ranging from 7 in 10.1 through 10.3 to 13 in the trunk.