How to map calculated properties with Hibernate @Generated annotation

Introduction

As I explained in this previous article, you can map calculated properties using Hibernate @Formula, and the value is generated at query time.

In this post, you’ll see how you can calculate an entity property at INSERT or UPDATE time.

Continue reading “How to map calculated properties with Hibernate @Generated annotation”

Advertisements

How does MySQL result set streaming perform vs fetching the whole JDBC ResultSet at once

Introduction

I read a very interesting article by Krešimir Nesek regarding MySQL result set streaming when it comes to reducing memory usage.

Mark Paluch, from Spring Data, asked if we could turn the MySQL result set streaming by default whenever we are using Query#stream or Query#scroll.

That being said, the HHH-11260 issue was created, and I started working on it. During Peer Review, Steve Ebersole (Hibernate ORM team leader) and Sanne Grinovero (Hibernate Search Team Leader) expressed their concerns regarding making such a change.

First of all, the MySQL result set streaming has the following caveats:

  • the ResultSet must be traversed fully before issuing any other SQL statement
  • the statement is not closed if there are still records to be read in the associated ResultSet
  • the locks associated with the underlying SQL statement that is being streamed are released when the transaction is ended (either commit or rollback).

Continue reading “How does MySQL result set streaming perform vs fetching the whole JDBC ResultSet at once”

How to map calculated properties with JPA and Hibernate @Formula annotation

Introduction

As I explained in this StackOverflow question, mapping calculated properties is very easy with JPA and Hibernate.

In this post, I’m going to demonstrate how you can derive some entity property based on one or multiple persistent entity attributes.

Continue reading “How to map calculated properties with JPA and Hibernate @Formula annotation”

A beginner’s guide to SQL injection and how you should prevent it

Introduction

One of my readers asked me to answer the following StackOverflow question. Right from the start, I noticed that the entity query was constructed by concatenating strings, which can expose your application to SQL Injection attacks.

Unfortunately, I’ve been seeing this problem over and over throughout my career, and not all developers are aware of the serious risk associated to SQL Injection. For this reason, this post is going to demonstrate what damage can SQL Injection do to your system.

Continue reading “A beginner’s guide to SQL injection and how you should prevent it”