ansaurus

Question

Answer 1

A:

Use .update() methods available in the (Simple)JdbcOperations, the number they return is the number of affected rows. They're supposed to be specifically used for both INSERT and UPDATE statements.

Esko 2010-01-20 13:29:33

He's asking about how to create a table, not how to update one

Valentin Rocher 2010-01-20 13:34:11

`.update()` is meant for those too. basically all the other methods are for SELECTs, `.update()` is for everything else.

Esko 2010-01-20 14:07:45

Answer 2

+2 A:

Slightly offtopic:

Is it absolutely necessary that you need to execute the DDL commands from within your code? In fact I do think it is a good idea to have separation between db admin and db usage. Our Oracle database security setup here is actually set up so that the tables are set up using a different database user (DB_OWNER), than the one running the SELECTs, INSERTs, DELETEs are run by DB_USER.

This prevents accidentially deleting tables or modifying the schema and also allows the DB_USER to be setup such that only the privileges that are absolutely necessary are granted, which adds a layer of security.

I suppose it depends on the nature of your service/application, but think about the benefit of creating the tables inside the code (and whether a possible bug in the DDL code could accidentially destroy production data).

beny23 2010-01-20 13:35:08

Thank you for this good advice!

Juri Glass 2010-01-20 13:43:52

yes, agree on that, we used to have DB_USER which can only SELECT and CALL PROCEDURE, so if happen that hackers somehow steal usernam/pass (used by application exposed on web for instance), they can only select from database with it... or they can call stored procedure, which will handle checks before and insert something which will leave database in consistent state, so the damage would be smaller

ante.sabo 2010-01-20 13:52:03

Suppose you're doing a fresh installation, do you distribute another application to run your DDL, or do you bundle the DDL and have installation logic in your application?

Mark E 2010-01-21 22:17:29

I guess that would depend on the type of application using the database. In a lot of production environment, having a separate DDL script is absolutely necessary to hand over to the DBA team which will then approve the changes before running the script and the code developers wouldn't have any access to the production database and having the app modify the DB would be a definite no-no.Having said that, AFAIK Hibernate can automatically generate the tables for you, though personally I wouldn't use it, as the index and constraint names be unreadable which makes DB maintenance more complicated.

beny23 2010-01-22 00:39:02

Answer 3

+1 A:

You can use the execute(String) method:

public void execute(String sql) throws DataAccessException

Issue a single SQL execute, typically a DDL statement.
Specified by: execute in interface JdbcOperations

Parameters: sql - static SQL to execute

Throws: DataAccessException - if there is any problem

However as beny23 mentions I would be suspicious of an actual need to do this programatically in a live application.

matt b 2010-01-20 14:15:51

ansaurus

tags:

views:

answers:

Spring JDBC: How to create the tables?

related questions