10.5. Using EL in EJB-QL/HQL

Seam proxies the EntityManager or Session object whenever you use a Seam-managed persistence context or inject a container-managed persistence context with @PersistenceContext. This lets you safely and efficiently use EL expressions in your query strings. For example, this:

User user = em.createQuery("from User where username=#{user.username}")
                          .getSingleResult();

is equivalent to:

User user = em.createQuery("from User where username=:username")
                          .setParameter("username", user.getUsername()) 
                          .getSingleResult();

Warning

Do not use the format below, because it is vulnerable to SQL injection attacks, as well as being inefficient.

User user = em.createQuery("from User where username=" + user.getUsername()).getSingleResult(); //BAD!

Select Your Language

10.5. Using EL in EJB-QL/HQL

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Language and Page Formatting Options

10.5. Using EL in EJB-QL/HQL

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links