Getting Startedwith pureQuery

More documents

Recommendations

Info

348 <strong>Getting</strong> Started with <strong>pureQuery</strong> Figure D.17 - Static Execution is more efficient than dynamic. D.2 Prerequisites for Static SQL Since static SQL must be defined ahead of execution time, everything must be known about the static statement when the application is defined (precompiled and bound). The only unknowns allowed for a static statement are the values of the host variables (parameters) within the SQL string. These can be supplied at runtime. However, table names, column names, and the rest of the SQL statement structure must be fully predefined. D.3 Benefits of static SQL The primary benefits of static SQL are that the access plan can be predetermined, and a static SQL security model can be used. In addition, the usage of pre-defined access plans will deliver more consistent performance compared to a dynamic execution model. D.3.1 Predetermined access plan for more consistent performance As mentioned earlier, a predetermined access plan means that the database engine does not need to calculate an access plan at runtime. This cuts a piece of required processing during statement execution, and reduces the total execution time. Prior to execution, you can develop, test, optimize, and compare access paths. The best plan can then be selected and set for execution. A variety of automated tools are used to analyze the performance of SQL statements and evaluate access plans. The plans can then be modified using programmatic or human input.
Appendix D – Static SQL in DB2 349 Once the optimal plan is identified it can be locked in for the static SQL statement. This means that for static SQL, performance can be maximized and then locked-in via a fixed access plan. For certain applications it is essential to understand and lock in performance behavior before a production system is rolled out. Dynamic SQL can approach the benefits of a predetermined access plan by using a dynamic statement cache. With a dynamic statement cache, the access plan is calculated the first time a dynamic statement is executed. The plan for the dynamic SQL string is cached by the database and reused the next time the same statement is executed. For certain applications and environments that have high dynamic statement cache hit ratios, it’s possible to approach the database performance of static SQL, by limiting the number of times access plans are calculated at runtime. However, these dynamic applications must be coded to produce maximum cache hits, and the dynamic cache environment must be well tuned, in order to get a similar advantage using a dynamic cache to the one obtained with static SQL. Static SQL is the only way to completely lock in the access plan ahead of execution time for every statement. D.3.2 Package level security In addition to a locked-in access plan, static SQL provides a different SQL security model using package level privileges. Because static SQL statements are known ahead of time, users can be given authorization only for a specific set of SQL statements. These statements are combined into a unit called a package. Static SQL statements can be logically grouped into packages according to the needs of the security model. Users are only granted permission to execute packages containing SQL that matches their access level. With package level privileges, users cannot execute any SQL statements unless the statements are contained in the packages the users have been granted the privilege to execute. This provides an important alternative to table-based privileges, which is the common security model for dynamic SQL. With dynamic SQL, privileges are granted for specific table operations, such as read or update on a table. The risk with granting table privileges is they do not limit users to executing specific SQL statements. Users could potentially execute any query or any update SQL statement on a table, once they have been granted read or update privileges on the table. Even though a user’s application may be hardcoded with a specific SQL string, a malicious user could potentially use table privileges to execute dynamic SQL that is not contained within their application. Dynamic SQL injection is one form of malicious behavior that takes advantage of this fact. Static SQL, with a previously designed fix set of packages, and package level privileges, prevents this unwanted behavior. Only the package owner, not each user, needs to be granted table level privileges for static SQL. The package owner is usually the administrator who binds the packages. Therefore good static package design can eliminate the risk of a user maliciously executing unwanted SQL.
Page 3 and 4:
G E T T I N G S T A R T E D W I T H
Page 5 and 6:
Notices This information was develo
Page 7:
Trademarks IBM, the IBM logo, DB2,
Page 10 and 11:
10 Getting Started with pureQuery 3
Page 12 and 13:
12 Getting Started with pureQuery C
Page 14 and 15:
Page 16 and 17:
16 Getting Started with pureQuery C
Page 18 and 19:
18 Getting Started with pureQuery m
Page 20 and 21:
20 Getting Started with pureQuery T
Page 22 and 23:
22 Getting Started with pureQuery K
Page 24 and 25:
24 Getting Started with pureQuery A
Page 27 and 28:
1 Chapter 1 - Introduction to pureQ
Page 29 and 30:
Chapter 1 - Introduction to pureQue
Page 31 and 32:
Page 33 and 34:
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
Page 41 and 42:
Page 43 and 44:
Page 45 and 46:
2 Chapter 2 - Installing pureQuery
Page 47 and 48:
Chapter 2 - Installing pureQuery (O
Page 49 and 50:
Page 51 and 52:
Page 53 and 54:
Page 55 and 56:
Page 57 and 58:
Page 59 and 60:
Page 61:
PART II - TOOLING
Page 66 and 67:
66 Getting Started with pureQuery F
Page 68 and 69:
Page 70 and 71:
Page 72 and 73:
72 Getting Started with pureQuery t
Page 74 and 75:
74 Getting Started with pureQuery A
Page 76 and 77:
76 Getting Started with pureQuery T
Page 78 and 79:
78 Getting Started with pureQuery a
Page 80 and 81:
80 Getting Started with pureQuery r
Page 82 and 83:
Page 84 and 85:
Page 86 and 87:
86 Getting Started with pureQuery Y
Page 88 and 89:
Page 90 and 91:
Page 92 and 93:
92 Getting Started with pureQuery D
Page 94 and 95:
Page 96 and 97:
Page 98 and 99:
98 Getting Started with pureQuery
Page 100 and 101:
Page 102 and 103:
Page 105 and 106:
PART III - SECURITY, PERFORMANCE, A
Page 107 and 108:
6 Chapter 6 - The Client Optimizer:
Page 109 and 110:
Chapter 6 - The Client Optimizer: p
Page 111 and 112:
Page 113 and 114:
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
7 Chapter 7 - The StaticBinder Util
Page 139 and 140:
Chapter 8 - Extended Insight 139 No
Page 141 and 142:
7.2.2.3 Changes to pureQueryXml fil
Page 143 and 144:
Chapter 8 - Extended Insight 143 Fi
Page 145 and 146:
Chapter 8 - Extended Insight 145 Fi
Page 147 and 148:
Chapter 8 - Extended Insight 147 -u
Page 149 and 150:
Chapter 8 - Extended Insight 149 7.
Page 151 and 152:
Chapter 8 - Extended Insight 151 ne
Page 153:
Chapter 8 - Extended Insight 153 11
Page 156 and 157:
Page 158 and 159:
Page 160 and 161:
Page 162 and 163:
Page 164 and 165:
Page 166 and 167:
Page 169 and 170:
9 Chapter 9 - Persistence Framework
Page 171 and 172:
9.1.1.1 JPA Chapter 9 - Persistence
Page 173 and 174:
Chapter 9 - Persistence Frameworks
Page 175 and 176:
Page 177 and 178:
Page 179 and 180:
Page 181:
Page 184 and 185:
Page 186 and 187:
Page 188 and 189:
Page 190 and 191:
Page 192 and 193:
Page 194 and 195:
Page 196 and 197:
Page 198 and 199:
Page 200 and 201:
Page 202 and 203:
Page 204 and 205:
Page 206 and 207:
Page 208 and 209:
Page 210 and 211:
Page 212 and 213:
Page 214 and 215:
Page 216 and 217:
Page 218 and 219:
Page 220 and 221:
Page 222 and 223:
Page 224 and 225:
Page 226 and 227:
Page 228 and 229:
Page 230 and 231:
Page 232 and 233:
Page 234 and 235:
Page 236 and 237:
Page 238 and 239:
Page 240 and 241:
Page 243 and 244:
12 Chapter 12 - Stored Procedures T
Page 245 and 246:
Chapter 12 - Stored Procedures 245
Page 247 and 248:
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
Page 255 and 256:
Page 257 and 258:
Page 259 and 260:
Page 261 and 262:
13 Chapter 13 - Handlers In this ch
Page 263 and 264:
Chapter 13 - Handlers 263 Figure 13
Page 265 and 266:
Chapter 13 - Handlers 265 SELECT *
Page 267 and 268:
Chapter 13 - Handlers 267 construct
Page 269 and 270:
13.4.1 Writing a ResultHandler impl
Page 271 and 272:
Chapter 13 - Handlers 271 functiona
Page 273 and 274:
Chapter 13 - Handlers 273 Listing 1
Page 275 and 276:
Chapter 13 - Handlers 275 package h
Page 277:
A. In a getData method in the com.i
Page 281 and 282:
14 Chapter 14 - Best Practices In t
Page 283 and 284:
Chapter 14 - Best Practices 283 @Se
Page 285 and 286:
Chapter 14 - Best Practices 285 Fig
Page 287 and 288:
15 Chapter 15 - pureQuery and pureX
Page 289 and 290:
Chapter 15 - pureQuery and pureXML
Page 291 and 292:
Page 293:
Page 296 and 297:
Page 298 and 299: 298 Getting Started with pureQuery
Page 305 and 306: A Appendix A - Solutions to the rev
Page 307 and 308: Appendix A - Solutions to the revie
Page 313 and 314: B Appendix B - Understanding the Sa
Page 315 and 316: B.1.3 The “Employee Information
Page 317 and 318: Appendix C - Up and Running with DB
Page 319 and 320: B.1.6 The “Company Employees” s
Page 335 and 336: C.4.1 IBM Optim Development Studio
Page 345: Appendix C - Up and Running with DB
Page 355 and 356: E Appendix E - Options Files This a
Page 357 and 358: Appendix E - Options files 357 comm
Page 359: Appendix E - Options files 359 In b
Page 363 and 364: Resources Web sites 1. pureQuery pl
show all

Getting Startedwith pureQuery

Create successful ePaper yourself

Delete template?

Save as template?