The documentation is still (in 10.8) glossed with warnings against production use of the BUILTIN authentication mechanism, can anyone tell me what is wrong with it? The only reference to any problems I can find is CVE-2009-4269 (DERBY-4483) which was fixed in 10.6.1.0 so is there any reason to not use it now?
Thanks, Paul.
