Java Persistence Frameworks


    Java Persistence Frameworks - Presentation Transcript

    1. Java Persistence Frameworks Popular and next generation persistence frameworks Thomas Müller Day Software AG Presentation 7780
    2. 2 Agenda • Introduction • Persistence Frameworks - SQL(++) - O/R Mapping - Next Generation • SQL Injection
    3. 3 Introduction Thomas Mueller Software Engineer http://www.h2database.com http://www.day.com http://jackrabbit.apache.org
    4. 3 Introduction Thomas Mueller Software Engineer http://www.h2database.com http://www.day.com http://jackrabbit.apache.org
    5. 3 Introduction Thomas Mueller Software Engineer http://www.h2database.com http://www.day.com http://jackrabbit.apache.org
    6. 3 Introduction Thomas Mueller Software Engineer http://www.h2database.com http://www.day.com http://jackrabbit.apache.org
    7. 4 Persistence Frameworks 1990 1995 2000 2005 2010
    8. 4 Persistence Frameworks 1990 SQL(++) ODBC 1995 JDBC 2000 iBATIS DbUtils 2005 2010
    9. 4 Persistence Frameworks 1990 SQL(++) ODBC 1995 O/R mapping JDBC 2000 Hibernate iBATIS DbUtils JDO JPA 2005 2010
    10. 4 Persistence Frameworks 1990 SQL(++) ODB C 1995 O/R mapping JDBC e next generation 2000 H i be r n at iBATIS DbU t i l s J DO J PA LINQ 2005 JaiQ u SFq uMl l LIQUid OR QL 2010 iS oo te Q ub JJmsuirErLyd s lre E QpU e - d ae EQ
    11. 4 Persistence Frameworks 1990 SQL(++) ODB C 1995 O/R mapping JDBC e next generation 2000 H i be r n at iBATIS DbU t i l s J DO J PA LINQ 2005 JaiQ u SFq uMl l LIQUid OR QL 2010 J PA 2 .0 iS oo te Q ub JJmsuirErLyd s lre E QpU e - d ae EQ
    12. 5 SQL(++)
    13. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } }
    14. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC
    15. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC
    16. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC <sqlMap resource="com/mydomain/data/Student.xml"/> <sqlMap namespace="Student"> <typeAlias alias="Student" type="com.mydomain.data.Student"/> <select id="selectStudent" resultClass="Student"> select * from Student where name = #name# </select> </sqlMap> Student student = (Student) sqlMapper.queryForObject("selectStudent", name); iBATIS
    17. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC <sqlMap resource="com/mydomain/data/Student.xml"/> <sqlMap namespace="Student"> <typeAlias alias="Student" type="com.mydomain.data.Student"/> <select id="selectStudent" resultClass="Student"> select * from Student where name = #name# </select> </sqlMap> Student student = (Student) sqlMapper.queryForObject("selectStudent", name); iBATIS
    18. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC ResultSetHandler h = new BeanHandler(Student.class); Student s = (Student) run.query(conn, "select * from Student where name=?", handler, new Object[]{name}); DbUtils <sqlMap resource="com/mydomain/data/Student.xml"/> <sqlMap namespace="Student"> <typeAlias alias="Student" type="com.mydomain.data.Student"/> <select id="selectStudent" resultClass="Student"> select * from Student where name = #name# </select> </sqlMap> Student student = (Student) sqlMapper.queryForObject("selectStudent", name); iBATIS
    19. 5 SQL(++) public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } PreparedStatement prep = conn.prepareStatement( "select * from Student where name = ?"); prep.setString(1, name); ResultSet rs = prep.executeQuery(); rs.next(); Student student = new Student(); student.setName(rs.getString(1)); JDBC ResultSetHandler h = new BeanHandler(Student.class); Student s = (Student) run.query(conn, "select * from Student where name=?", handler, new Object[]{name}); DbUtils <sqlMap resource="com/mydomain/data/Student.xml"/> <sqlMap namespace="Student"> <typeAlias alias="Student" type="com.mydomain.data.Student"/> <select id="selectStudent" resultClass="Student"> select * from Student where name = #name# </select> </sqlMap> Student student = (Student) sqlMapper.queryForObject("selectStudent", name); iBATIS
    20. 6 O/R Mapping
    21. 6 O/R Mapping Illusion - there is no database - still need configuration Auto-Save - objects are stateful - automatic dirty checking Auto-Navigation - in queries - get() loads referred object - collection support Hibernate JDO JPA
    22. 7 O/R Mapping
    23. 7 O/R Mapping JDO JPA Hibernate
    24. 7 O/R Mapping JDO JPA Hibernate “technology agnostic” RDBMS RDBMS
    25. 7 O/R Mapping JDO JPA Hibernate “technology agnostic” RDBMS RDBMS few implementations many most popular
    26. 7 O/R Mapping JDO JPA Hibernate “technology agnostic” RDBMS RDBMS few implementations many most popular Google AppEngine Google AppEngine
    27. 8 Hibernate
    28. 8 Hibernate Dependencies hibernate3.jar hibernate-annotations.jar hibernate-commons-annotations.jar commons-collections-3.1.jar commons-logging-api-1.1.jar commons-logging-1.1.jar ejb3-persistence.jar antlr-2.7.6.jar dom4j-1.6.1.jar javassist-3.4.GA.jar jta-1.1.jar slf4j-api-1.5.6.jar slf4j-simple-1.5.6.jar
    29. 8 Hibernate Dependencies hibernate3.jar hibernate-annotations.jar hibernate-commons-annotations.jar commons-collections-3.1.jar commons-logging-api-1.1.jar commons-logging-1.1.jar ejb3-persistence.jar antlr-2.7.6.jar dom4j-1.6.1.jar javassist-3.4.GA.jar jta-1.1.jar slf4j-api-1.5.6.jar slf4j-simple-1.5.6.jar Configuration hibernate.cfg.xml <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> <hibernate-configuration> <session-factory> <property name="connection.url">jdbc:h2:mem:test</property> <property name="connection.username">sa</property> <property name="connection.driver_class">org.h2.Driver</property> <property name="dialect">org.hibernate.dialect.H2Dialect</property> <property name="connection.password">sa</property> </session-factory> </hibernate-configuration> Annotations or XML import javax.persistence.*; @Entity public class Student { @Id @GeneratedValue private Long id; @Column private String name; }
    30. 8 Hibernate Dependencies hibernate3.jar hibernate-annotations.jar hibernate-commons-annotations.jar commons-collections-3.1.jar commons-logging-api-1.1.jar commons-logging-1.1.jar ejb3-persistence.jar antlr-2.7.6.jar dom4j-1.6.1.jar javassist-3.4.GA.jar jta-1.1.jar slf4j-api-1.5.6.jar slf4j-simple-1.5.6.jar Configuration hibernate.cfg.xml <!DOCTYPE hibernate-configuration PUBLIC "-//Hibernate/Hibernate Configuration DTD 3.0//EN" "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> <hibernate-configuration> <session-factory> <property name="connection.url">jdbc:h2:mem:test</property> <property name="connection.username">sa</property> <property name="connection.driver_class">org.h2.Driver</property> <property name="dialect">org.hibernate.dialect.H2Dialect</property> <property name="connection.password">sa</property> </session-factory> </hibernate-configuration> Annotations or XML import javax.persistence.*; @Entity public class Student { @Id @GeneratedValue private Long id; @Column private String name; } Query Student s = (Student) session.createQuery( "from Student s where name=?"). setString(0, name).list().get(0);
    31. 9 Next Generation: JaQu
    32. 9 Next Generation: JaQu POJO public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } }
    33. 9 Next Generation: JaQu POJO public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } Query - Typesafe - Embedded DSL - Fluent API - Autocomplete Student s = new Student(); s = db.from(s).where(s.name).is(name).selectFirst();
    34. 9 Next Generation: JaQu POJO public class Student { private String name; public void setName(String name) { this.name = name; } public String getName() { return name; } } Query - Typesafe - Embedded DSL - Fluent API - Autocomplete Student s = new Student(); s = db.from(s).where(s.name).is(name).selectFirst(); No String - No SQL injection Student s = new Student(); List<Student> students = db.from(s).where(s.name).is(name).select(); Student s = new Student(); s.name = "Robert"; db.insert(s);
    35. 10 SQL Injection
    36. 10 SQL Injection
    37. 10 SQL Injection
    38. 10 SQL Injection
    39. 10 SQL Injection stat.execute("select * from " + "Students where name='" + name + "'");
    40. 10 SQL Injection stat.execute("select * from " + "Students where name='" + name + "'"); With the input substituted for name: stat.execute("select * from " + "Students where name='" + "Robert'; DROP TABLE Students--'");
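    41. 10 SQL Injection stat.execute("select * from " + "Students where name='" + name + "'"); With the input substituted for name: stat.execute("select * from " + "Students where name='" + "Robert'; DROP TABLE Students--'"); PreparedStatement prep = conn.prepareStatement( "select * from " + "Students where name=?"); prep.setString(1, name); prep.execute(); (The ? placeholder binds name as a value, so quote characters in the input cannot change the statement text.)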
    42. 11 SQL Injection
    43. 11 SQL Injection stat.execute("SELECT * " + "FROM USERS WHERE " + "PASSWORD='"+pwd+"'"); JDBC
    44. 11 SQL Injection run.query( ("SELECT * " + JDBC te stat.execu * ERS WHERE s + "SELECT S FROM User " " + "F HEREU sswor "WROM paD='"+pwd'" "'"); + DBUtils SWOR pwAS+ "'"); "P d d= +
    45. 11 SQL Injection < lect d rusequeriy(=""SELECT * " + n. g JDBC selext cDte( etUser"RE " + t.ec e I u asFRS WHE ...> sta ELECT * EidOM Users "S whHEMPUS R fromwd+""S); "F er RE pass O + U "WROe ASSWworp = SER '"+ DBUtils '$PASSWORD='" D = '" + "pd + ' pwwd$"'"); Rd </select> iBATIS
    46. 11 SQL Injection < lect d rusequeriy(=""SELECTQuery( n. q = *"+ JDBC Query t cDte(g.creaer" ..E " + selexe I u emetUs te R .> stat.ec ECTasEidSfWH) "ers "SEL (u E "SELereT U* FRCTom U+E""S); whHEMPOBJE OM pwd+ R + O REAS R r Us S + EC "WR Us Rss ORD = " '" "F "FROSSWOSSWwordRE '" + pa u W+ DBUtils '$PAM$' erD='"HE = " pwd "'"); '"+pwd+"'"); pwd + </selesword= "pasct> iBATIS JPA
    47. 11 SQL Injection < l t d rusequeriy(=""SELECTQuery( Querecq = em.creaer * "y( n. y = er + JDBC Qutley tqIDte(getUs te" er " + se .execu pm.newQuRE c ...> staUserECas* EidSfWH) "ers EC as, "SEL T OBJE OM Us s E "SELer.clT S FRCTom U+E""S); whHEMPU R r (u wd+ R + "WR M UserD'"+RD RES + "F Oe AS "passwor SWO HE = " '" RE pa u W+p "FROSSWOd= ='"pwd+"'"+ DBUtils '$PA d$' Rssword = '" ); " pw + "'"); '"+pwd+"'"); pwd </selesword= "pasct> iBATIS JPA JDO
    48. 11 SQL Injection < l t d rusequeriy(=""SEresCTQuery( Querecq = q(g.creaeeQu y( n. y = pm.newQu* " + JDBC Quer y tqIDte metLE te" er " + selexecu em.c U atr RE u"SEL Q t.ec ...> staUserECas* EidSfWH) + +s .clTaS FRCTom "er " + s R Or (u"E s,JE OM Us S M U E ); "SEECT OB "SELereCT * whHEMPU "F LE pass O pwwd+"'" "WRO REAerDuworpRE ER+ " + Su W d H R "passworSct '"+RDW= "'"ES M WOd= ='"HE d+'" + Us R W re+ d = " ); DBUtils "FROunstru '$Pt: SS ' "n w "pd + pwA d$"'"rd='"+pwd+"'", </s"pesword='"+pwd+"'"); "pasct> o ); el assw iBATIS Query.SQL); JPA JDO JCR
    49. 11 SQL Injection < l t d rusequeriy(=""SEresCTQuery( Querecq = q(g.creaeeQu y( n. y = pm.newQu* " + JDBC Quer y tqIDte metLE te" er " + selexecu em.c U atr RE u"SEL Q t.ec ...> staUserECas* EidSfWH) + +s .clTaS FRCTom "er " + s R Or (u"E s,JE OM Us S M U E ); "SEECT OB "SELereCT * whHEMPU "F LE pass O pwwd+"'" "WRO REAerDuworpRE ER+ " + Su W d H R "passworSct '"+RDW= "'"ES M WOd= ='"HE d+'" + Us R W re+ d = " ); DBUtils "FROunstru '$Pt: SS ' "n w "pd + pwA d$"'"rd='"+pwd+"'", </s"pesword='"+pwd+"'"); "pasct> o ); el assw iBATIS Query.SQL); JPA JDO JCR User u = new User(); db.from(u).where(u.password).is(pwd).select(); JaQu (no query string is built here, so pwd is not concatenated into the query text)
    50. 11 SQL Injection < l t d rusequeriy(=""SEresCTQuery( Querecq = q(g.creaeeQu y( n. y = pm.newQu* " + JDBC Quer y tqIDte metLE te" er " + selexecu em.c U atr RE u"SEL Q t.ec ...> staUserECas* EidSfWH) + +s .clTaS FRCTom "er " + s R Or (u"E s,JE OM Us S M U E ); "SEECT OB "SELereCT * whHEMPU "F LE pass O pwwd+"'" "WRO REAerDuworpRE ER+ " + Su W d H R "passworSct '"+RDW= "'"ES M WOd= ='"HE d+'" + Us R W re+ d = " ); DBUtils "FROunstru '$Pt: SS ' "n w "pd + pwA d$"'"rd='"+pwd+"'", </s"pesword='"+pwd+"'"); "pasct> o ); el assw iBATIS Query.SQL); JPA JDO JCR User u = new User(); db.from(u).where(u.password).is(pwd).select(); JaQu
    51. Images are Creative Commons licensed Thomas Mueller Mountain Bike http://www.flickr.com/photos/kgsbikes/3043775162 Software Engineer Solex http://www.e-solex.fr http://www.h2database.com Scooter http://www.flickr.com/photos/janet/2844615758 http://www.day.com Generic Car http://jackrabbit.apache.org http://www.flickr.com/photos/markscott/389221242 Generic Jeep http://www.flickr.com/photos/markscott/389221372 Ford Focus http://www.flickr.com/photos/stevecoulterperformancecars/ 2965383580 Smart http://www.smart.com xkcd Comic "Exploits of a Mom" http://xkcd.com/327 http://ibatis.apache.org http://commons.apache.org/dbutils http://www.hibernate.org http://www.datanucleus.org http://openjpa.apache.org http://www.eclipse.org/eclipselink http://www.oracle.com/technology/products/ias/toplink http://www.h2database.com/html/jaqu.html

    + dayday, 5 months ago
