This week's book giveaway is in the Testing forum.
We're giving away four copies of Data Structures the Fun Way: An Amusing Adventure with Coffee-Filled Examples and have Jeremy Kubica on-line!
See this thread for details.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Liutauras Vilda
  • Tim Cooke
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Devaka Cooray
  • Ron McLeod
  • paul wheaton
Saloon Keepers:
  • Tim Moores
  • Piet Souris
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Frits Walraven
  • Scott Selikoff

High Performance Java Persistence:Criteria API

 
Ranch Hand
Posts: 182
18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Vlad,
Thank you for providing us a good book.Looking forward to reading it. I have a few questions.

What is your view on Criteria API effectively handling SQL injection Attacks.

Is the performance of Criteria API better when compared to JPQL or HQL.

Is there a possibility to invoke stored procedures in versions prior to JPA 2.1. It seems difficult to use native SQL queries because it does not support stored procedures that have OUTPUT or INOUT parameters.

regards,
Ramya
 
Author
Posts: 33
6
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks, Ramya.

Hibernate uses PreparedStatements for every SQL statement that is executed, so, as long as you don't concatenate SQL strings, you should be fine with JPQL, Criteria API, and native queries too.

I find JPQL much more expressive than Criteria API. However, Criteria API is the right tool for building dynamic entity queries programmatically and in a type-safe way.
This way, JPQL and Criteria API are complementary, not competing one against each other.
Criteria API creates more objects that JPQL, so the performance penalty comes only from more work being done by GC.

JPA 2.1 allows you to call stored procedure, check out this article that I wrote, and ParameterMode supports IN, OUT, INOUT and REF_CURSOR too.

Vlad
 
Ramya R Subramanian
Ranch Hand
Posts: 182
18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Vlad Mihalcea wrote:JPA 2.1 allows you to call stored procedure, check out this article that I wrote, and ParameterMode supports IN, OUT, INOUT and REF_CURSOR too


Thanks, the explanation and article was very useful. We are having some issues in upgrading to 2.1, and I think there is no possibility to do it in JPA2.0(from here).
 
Vlad Mihalcea
Author
Posts: 33
6
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
You can always call stored procedures from JDBC too. It's not as elegant, but if it works, why not.
 
Ramya R Subramanian
Ranch Hand
Posts: 182
18
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sure.Yes,that would be the last resort.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic