Java DB

Apache Derby

Derby Server and Administration Guide

Derby Getting Started
Derby Reference Manual
Derby Developer's Guide
Derby Performance Tuning
Derby Server and Admin Guide
Derby Tools and Utilities
Derby Server and Admin Guide

-Purpose of this guide

-Part one: Derby Server Guide

-Derby in a multi-user environment

-Derby in a server framework

-Connectivity configurations
-Multiple-client features available in Derby

-The Derby Network Server
-Embedded servers
-How to start an embedded server from an application
-Embedded server example

-About this guide and the Network Server documentation

-Using the Network Server with preexisting Derby applications

-The Network Server and JVMs
-Installing required jar files and adding them to the classpath
-Starting the Network Server

-Starting the Network Server from a Java application
-Starting the Network Server on IPv6/Ipv4 dual stack Windows machines

-Shutting down the Network Server

-Shutting down by using the command line
-Shutting down by using the API

-Obtaining system information

-Obtaining system information by using the command line
-Obtaining system information by using the API

-Accessing the Network Server by using the network client driver

-Network client security
-Network client tracing
-Network client driver examples

-Accessing the Network Server by using a DataSource object

-DataSource access examples

-XA and the Network Server

-Using XA with the network client driver

-Using the Derby tools with the Network Server

-Using the Derby ij tool with the Network Server
-Using the Derby dblook tool with the Network Server

-Differences between running Derby in embedded mode and using the Network Server

-Differences between the embedded client and the network client driver
-Updatable Result Sets
-Error message differences
-User authentication differences

-Differences in JDBC 3. 0 methods
-Differences using the Connection. setReadOnly method

-Setting port numbers

-Managing the Derby Network Server

-Using the NetworkServerControl API

-Setting Network Server properties

-derby.drda.host property
-derby.drda.keepAlive property
-derby. drda. logConnections property
-derby.drda.maxThreads property
-derby.drda.minThreads property
-derby.drda.portNumber property
-derby. drda. securityMechanism property
-derby.drda.sslMode property
-derby. drda. startNetworkServer property
-derby. drda. streamOutBufferSize property
-derby.drda.timeSlice property
-derby.drda.traceAll property
-derby. drda. traceDirectory property

-Verifying Startup

-Managing the Derby Network Server remotely by using the servlet interface

-Start-up page
-Running page
-Trace session page
-Trace directory page
-Set Network Server parameters

-Derby Network Server advanced topics

-Network Server security
-Running the Network Server under the security manager

-Basic Network Server security policy
-Customizing the Network Server's security policy
-Running the Network Server without a security policy

-Running the Network Server with User Authentication
-Network encryption and authentication with SSL/TLS

-Key and certificate handling
-Starting the server with SSL/TLS
-Running the client with SSL/TLS
-Other server commands

-Configuring the Network Server to handle connections
-Controlling logging by using the log file
-Controlling tracing by using the trace facility

-Turning on the trace facility
-Turning off the trace facility

-Derby Network Server sample programs

-The NsSample sample program

-Running the NsSample sample program

-Network Server sample programs for embedded and client connections

-Overview of the SimpleNetworkServerSample program
-Running the SimpleNetworkServerSample program
-Connecting a client to the Network Server with the SimpleNetworkClientSample program
-Running the SimpleNetworkClientSample program

-Part two: Derby Administration Guide

-Checking database consistency

-The SYSCS_CHECK_TABLE function
-Sample SYSCS_CHECK_TABLE error messages
-Sample SYSCS_CHECK_TABLE queries

-Backing up and restoring databases

-Backing up a database

-Offline backups
-Online backups

-When the log is in a non-default location
-Backing up encrypted databases

-Restoring a database from a backup copy
-Creating a database from a backup copy
-Roll-forward recovery

-Replicating databases

-Starting and running replication
-Stopping replication
-Forcing a failover
-Replication and security
-Replication failure handling

-Logging on a separate device

-Using the logDevice= logDirectoryPath attribute
-Example of creating a log in a non-default location
-Example of moving a log manually
-Issues for logging in a non-default location

-Obtaining locking information

-Monitoring deadlocks

-Reclaiming unused space

		Search documentation:

Customizing the Network Server's security policy The Network Server's Basic security policy is documented in the section Basic Network Server security policy. Most likely, you will want to customize your own security policy. For example, you might want to restrict the server's liberal file i/o permissions which let the server backup to and restore from any location in the local file system. Customizing the security policy is simple: A template policy lives in the Derby distribution at demo/templates/server.policy. Copy the file from this location to your own file, say myCustomized.policy. All of the following edits take place in your custom file. Replace the ${derby.install.url} variable with the location of the Derby jars in your local file system. Replace the ${derby.system.home} variable with the location of your Derby system directory. Alternatively, rather than replacing this variable, you can simply set the value of the derby.system.home system property when you boot the server. You may want to restrict the socket permission for `derbynet.jar`, which by default accepts connections from any host (`""`). Note that the special wildcard address `"0.0.0.0"` is not understood by SocketPermission, even though Derby accepts this wildcard as a valid value for accepting connections on all network interfaces (IPv4). Refine the file permissions needed by backup/restore, import/export, and the loading of application jars. The following example is a copy of a sample, customized policy file: grant codeBase "file:/usr/local/share/sw/derby/lib/derby.jar" { // // These permissions are needed for everyday, embedded Derby usage. // permission java.lang.RuntimePermission "createClassLoader"; permission java.util.PropertyPermission "derby.", "read"; permission java.util.PropertyPermission "user.dir", "read"; permission java.io.FilePermission "/usr/local/shoppingCartApp/databases","read"; permission java.io.FilePermission "/usr/local/shoppingCartApp/databases/-", "read,write,delete"; permission java.util.PropertyPermission "derby.storage.jvmInstanceId", "write"; // // This permission lets a DBA reload the policy file while the server // is still running. The policy file is reloaded by invoking the // SYSCS_UTIL.SYSCS_RELOAD_SECURITY_POLICY() system procedure. // permission java.security.SecurityPermission "getPolicy"; // // This permission lets you backup and restore databases // to and from a selected branch of the local file system: // permission java.io.FilePermission "/usr/local/shoppingCartApp/backups/-", "read,write,delete"; // // This permission lets you import data from // a selected branch of the local file system: // permission java.io.FilePermission "/usr/local/shoppingCartApp/imports/-", "read"; // // This permission lets you export data to // a selected branch of the local file system: // permission java.io.FilePermission "/usr/local/shoppingCartApp/exports/-", "write"; // // This permission lets you load your databases with jar files of // application code // permission java.io.FilePermission "/usr/local/shoppingCartApp/lib/", "read"; }; grant codeBase "file:/usr/local/share/sw/derby/lib/derbynet.jar" { // // This permission lets the Network Server manage connections from clients // originating from the localhost, on any port. // permission java.net.SocketPermission "localhost:0-", "accept"; }; After customizing the Basic policy, you may bring up the Network Server as follows: java -Djava.security.manager -Djava.security.policy=/usr/local/shoppingCartApp/lib/myCustomized.policy org.apache.derby.drda.NetworkServerControl start -h localhost Parent topic:* Running the Network Server under the security manager Related tasks Basic Network Server security policy Running the Network Server without a security policy

	javadb@jdbcurl.com