How to install DB2 Express-C on Docker and set up the JDBC connection properties


While developing Hibernate, I need to test the code base against a plethora of relational database systems: Oracle, SQL Server, PostgreSQL, MySQL, MariaDB, Informix, and of course DB2.

However, having all these databases installed on my system is far from ideal, so I rely a lot on Docker for this task. In this article, I’m going to show how easily you can install DB2 on Docker and set up the JDBC connection so that you can run Hibernate tests on DB2.



How to get started with CockroachDB


CockroachDB is a really interesting database system, getting the best of both RDBMS and NoSQL. It’s been developed by former Google developers, and it’s inspired by Google Spanner. However, unlike Google Spanner, which is offered as a service in Google Cloud, CockroachDB is an open-source database that can be installed on premise.

Also, CockroachDB allows you to use the PostgreSQL drivers, as opposed to Spanner, which only supports the gRPC protocol. So, you can practically reuse all the frameworks that have emerged in the Java ecosystem, like connection pools, monitoring proxies (e.g. FlexyPool) or data access frameworks (e.g. Hibernate).

Unlike a typical RDBMS, CockroachDB is designed to be globally distributed and strongly resilient to disasters, hence its very unusual name. But what’s really exciting about CockroachDB is its non-locking timestamp ordering concurrency control mechanism which allows CockroachDB to run in Serializable isolation level, even if the database is massively distributed. Intriguing, right?


How to find which statement failed in a JDBC Batch Update


Yesterday, my Danish friend, Flemming Harms, asked me a very interesting question related to when a JDBC batch update fails.

Basically, considering we are going to group several DML statements in a batch, we need a way to tell which statement is the cause of the failure. This post is going to answer this question in more detail.


A beginner’s guide to SQL injection and how you should prevent it


One of my readers asked me to answer the following StackOverflow question. Right from the start, I noticed that the entity query was constructed by concatenating strings, which can expose your application to SQL Injection attacks.

Unfortunately, I’ve been seeing this problem over and over throughout my career, and not all developers are aware of the serious risk associated with SQL Injection. For this reason, this post is going to demonstrate what damage SQL Injection can do to your system.
