Details
- Improvement
- Status: Closed
- Major
- Resolution: Fixed
- 10.9.1.0
- None
Description
DERBY-5539 introduced two new properties that control how BUILTIN stores credentials:
- derby.authentication.builtin.saltLength (default: 16)
  This property specifies the number of bytes of random salt that will be added to the credentials before hashing them. (Purpose of the property: Make it infeasible to construct rainbow tables.)
- derby.authentication.builtin.iterations (default: 1000, minimum: 1)
  This property specifies the number of times to apply the hash function (which is specified by derby.authentication.builtin.algorithm) on the credentials. (Purpose of the property: Slow down attackers as they'll need to spend more time calculating hashes.)
Both properties take effect only if BUILTIN authentication is enabled and derby.authentication.builtin.algorithm has a non-null value.
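What the two settings control, as an added Java sketch that is not Derby's code and does not reproduce its stored credential format. The class name, the SHA-256 choice and the order in which salt and digest are mixed are assumptions made for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

// Illustrative only: hypothetical class, not Derby's implementation.
public class SaltedIteratedHash {
    static final String ALGORITHM = "SHA-256"; // assumed value for ...builtin.algorithm
    static final int SALT_LENGTH = 16;         // ...builtin.saltLength default
    static final int ITERATIONS = 1000;        // ...builtin.iterations default

    // A fresh random salt per credential defeats precomputed (rainbow) tables.
    static byte[] newSalt(int length) {
        byte[] salt = new byte[length];
        new SecureRandom().nextBytes(salt);
        return salt;
    }

    // Applies the hash function `iterations` times; each round costs an attacker
    // the same work per guess as it costs the server per login.
    static byte[] hash(String password, byte[] salt, int iterations)
            throws NoSuchAlgorithmException {
        if (iterations < 1) {
            throw new IllegalArgumentException("iterations must be >= 1");
        }
        MessageDigest md = MessageDigest.getInstance(ALGORITHM);
        byte[] digest = password.getBytes(StandardCharsets.UTF_8);
        for (int i = 0; i < iterations; i++) {
            md.update(digest);
            md.update(salt);
            digest = md.digest(); // digest() also resets md for the next round
        }
        return digest;
    }

    // Verification needs the salt and iteration count that were used at store time.
    static boolean verify(String attempt, byte[] salt, int iterations, byte[] stored)
            throws NoSuchAlgorithmException {
        return MessageDigest.isEqual(stored, hash(attempt, salt, iterations));
    }

    public static void main(String[] args) throws Exception {
        byte[] saltA = newSalt(SALT_LENGTH);
        byte[] saltB = newSalt(SALT_LENGTH);
        byte[] a = hash("s3cret", saltA, ITERATIONS); // constructed sample password
        byte[] b = hash("s3cret", saltB, ITERATIONS);
        System.out.println("same password, same hash: " + Arrays.equals(a, b));
        System.out.println("correct password: " + verify("s3cret", saltA, ITERATIONS, a));
        System.out.println("wrong password:   " + verify("guess", saltA, ITERATIONS, a));
    }
}
```

Two users with the same password get different stored hashes because each has its own salt, so one precomputed table cannot cover both.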
Attachments
Issue Links
- is part of DERBY-5539 Harden password hashing in the builtin authentication service (Closed)