Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

High Performance Java Persistence:Criteria API

 
Ramya Subraamanian
Ranch Hand
Posts: 178
17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Vlad,
Thank you for providing us a good book.Looking forward to reading it. I have a few questions.

What is your view on Criteria API effectively handling SQL injection Attacks.

Is the performance of Criteria API better when compared to JPQL or HQL.

Is there a possibility to invoke stored procedures in versions prior to JPA 2.1. It seems difficult to use native SQL queries because it does not support stored procedures that have OUTPUT or INOUT parameters.

regards,
Ramya
 
Vlad Mihalcea
Author
Ranch Hand
Posts: 32
6
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks, Ramya.

Hibernate uses PreparedStatements for every SQL statement that is executed, so, as long as you don't concatenate SQL strings, you should be fine with JPQL, Criteria API, and native queries too.

I find JPQL much more expressive than Criteria API. However, Criteria API is the right tool for building dynamic entity queries programmatically and in a type-safe way.
This way, JPQL and Criteria API are complementary, not competing one against each other.
Criteria API creates more objects that JPQL, so the performance penalty comes only from more work being done by GC.

JPA 2.1 allows you to call stored procedure, check out this article that I wrote, and ParameterMode supports IN, OUT, INOUT and REF_CURSOR too.

Vlad
 
Ramya Subraamanian
Ranch Hand
Posts: 178
17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Vlad Mihalcea wrote:JPA 2.1 allows you to call stored procedure, check out this article that I wrote, and ParameterMode supports IN, OUT, INOUT and REF_CURSOR too

Thanks, the explanation and article was very useful. We are having some issues in upgrading to 2.1, and I think there is no possibility to do it in JPA2.0(from here).
 
Vlad Mihalcea
Author
Ranch Hand
Posts: 32
6
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You can always call stored procedures from JDBC too. It's not as elegant, but if it works, why not.
 
Ramya Subraamanian
Ranch Hand
Posts: 178
17
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sure.Yes,that would be the last resort.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic