Meaningless Drivel is fun!
The moose likes Other Application Frameworks and the fly likes Hibernate SQL Injection Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Other Application Frameworks
Bookmark "Hibernate SQL Injection" Watch "Hibernate SQL Injection" New topic

Hibernate SQL Injection

ed suttner

Joined: Mar 04, 2003
Posts: 13
My manager wants to know if our code is vunerable to sql injection. With straight JDBC, I know that using Prepared Statements (bind variables) will help. We do have some hibernate in which I am not that familar with. It looks like hibernate has prepared statements, so using those will minimize SQL injection like in JDBC? Thanks!
I agree. Here's the link:
subject: Hibernate SQL Injection
It's not a secret anymore!