From: Gunter Herrmann
Date: Mon, 11 Jul 2011 10:19:03 -0400
Newsgroups: comp.lang.java.programmer
Subject: Re: Spring/hibernate and JDBC
Message-ID: <4e1b0656$0$6568$9b4e6d93@newsspool3.arcor-online.net>

Hi!

markspace wrote:

> Still good to know what JDBC is and does, since it's used by JPA and
> Hibernate (et al.).

If you want to create complex database-centered applications and want decent security, you would create an API in the database without any direct access to tables for the application.

Very often you have different applications running the same type of tasks, even based on different programming languages.

Just imagine a hotel reservation system (single property). You have the following apps creating/updating reservations:

1. The local property management system
2. The chain's central reservation system
3-10. 3rd party reservation systems (for travel agent reservations)
11. Hotel's web site
12. Chain's web site
13-20. Other web sites doing reservations for you.

If you use a capable DB (such as Oracle) you do everything via packaged stored procedures and (pipelined or not) table functions.

You cannot trust any outside application, so do the same for your own stuff.
This approach additionally prevents any SQL injection.

In this case Hibernate is pretty useless (just an additional layer of framework heavily using reflection, making debugging more complicated than necessary).

Gunter in Orlando, Florida

-- 
I know SQL and PL/SQL. I don't have to hibernate
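
The design described in the post above, as an added example that is not part of the original message: an Oracle package that is the only route by which an application account can create a reservation, with the grant that enforces it and a query to verify it. All object and account names (`reservations`, `reservation_seq`, `reservation_api`, `web_app`) and the column layout are assumptions made for illustration.

```sql
-- Added example; every name below is hypothetical. Run as the schema owner.
CREATE SEQUENCE reservation_seq;

CREATE TABLE reservations (
  reservation_id NUMBER        PRIMARY KEY,
  guest_name     VARCHAR2(100) NOT NULL,
  room_no        NUMBER(4)     NOT NULL,
  arrival        DATE          NOT NULL,
  departure      DATE          NOT NULL,
  source_system  VARCHAR2(30)  NOT NULL,  -- e.g. PMS, CRS, a web site
  CONSTRAINT reservations_dates_ck CHECK (departure > arrival)
);

-- Definer's rights: the package runs with the owner's table privileges,
-- so callers need none of their own.
CREATE OR REPLACE PACKAGE reservation_api AUTHID DEFINER AS
  PROCEDURE create_reservation (
    p_guest_name IN  reservations.guest_name%TYPE,
    p_room_no    IN  reservations.room_no%TYPE,
    p_arrival    IN  reservations.arrival%TYPE,
    p_departure  IN  reservations.departure%TYPE,
    p_source     IN  reservations.source_system%TYPE,
    p_id         OUT reservations.reservation_id%TYPE);
END reservation_api;
/

CREATE OR REPLACE PACKAGE BODY reservation_api AS
  PROCEDURE create_reservation (
    p_guest_name IN  reservations.guest_name%TYPE,
    p_room_no    IN  reservations.room_no%TYPE,
    p_arrival    IN  reservations.arrival%TYPE,
    p_departure  IN  reservations.departure%TYPE,
    p_source     IN  reservations.source_system%TYPE,
    p_id         OUT reservations.reservation_id%TYPE) IS
  BEGIN
    -- Static SQL: parameters are bound as values, never spliced into SQL text.
    INSERT INTO reservations
      (reservation_id, guest_name, room_no, arrival, departure, source_system)
    VALUES
      (reservation_seq.NEXTVAL, p_guest_name, p_room_no, p_arrival, p_departure, p_source)
    RETURNING reservation_id INTO p_id;
  END create_reservation;
END reservation_api;
/

-- The application account gets EXECUTE on the package and no table privileges.
GRANT EXECUTE ON reservation_api TO web_app;

-- Verification (needs DBA views): should return no rows for the app account.
SELECT owner, table_name, privilege
  FROM dba_tab_privs
 WHERE grantee = 'WEB_APP' AND privilege <> 'EXECUTE';
```

The procedure uses static SQL, so caller-supplied values reach the database only as bound data. That property depends on the package code itself not assembling statements by string concatenation for `EXECUTE IMMEDIATE`.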