April 24, 2016

JDBC Interview Questions And Answers

What is JDBC?
JDBC (Java Database Connectivity) is a Java API that is used to connect and execute query to the database. JDBC API uses jdbc drivers to connects to the database.

What are the common JDBC API components?
JDBC API consists of following interfaces and classes DriverManager, Driver, Connection, Statement, ResultSet, SQLException.

What is a JDBC DriverManager?
JDBC DriverManager is a class that manages a list of database drivers. It matches connection requests from the java application with the proper database driver using communication subprotocol.

What is a JDBC Driver?
JDBC driver is an interface enabling a Java application to interact with a database. To connect with individual databases, JDBC requires drivers for each database. The JDBC driver gives out the connection to the database and implements the protocol for transferring the query and result between client and database.

What is a connection?

Connection interface consists of methods for contacting a database. The connection object represents communication context.

What is a statement?
Statement encapsulates an SQL statement, which is passed to the database to be parsed, compiled, planned and executed.

What is a ResultSet?
These objects hold data retrieved from a database after you execute an SQL query using Statement objects. It acts as an iterator to allow you to move through its data. The java.sql.ResultSet interface represents the result set of a database query.

What are types of ResultSet?
There are three constants which when defined in result set can move cursor in resultset backward, forward and also in a particular row.
  • ResultSet.TYPE_FORWARD_ONLY − The cursor can only move forward in the result set.
  • ResultSet.TYPE_SCROLL_INSENSITIVE − The cursor can scroll forwards and backwards, and the result set is not sensitive to changes made by others to the database that occur after the result set was created.
  • ResultSet.TYPE_SCROLL_SENSITIVE − The cursor can scroll forwards and backwards, and the result set is sensitive to changes made by others to the database that occur after the result set was created.
What are the main steps in java to make JDBC connectivity?

1. Register or Load the JDBC driver: Class.forName() is used to create an instance of a driver and register it with the DriverManager. When you have loaded a driver, it is available for making a connection with a DBMS.

2. Make connection
String url = "jdbc:oracle:thin:@localhost:1632:DEVROOT32";
Properties props = new Properties();
props.setProperty("user", "scott");
props.setProperty("password", "tiger");
Connection conn = DriverManager.getConnection(url,props);

3. Get Statement object: From connection object we can get statement object which is used to query the database
String sql ="select sysdate as current_day from dual";
PreparedStatement preStatement = conn.prepareStatement(sql);

4.  Execute the Query:Using statement object we execute the SQL or database query and get result set from the query.
ResultSet result = preStatement.executeQuery();

5. Close the connection

What are JDBC driver types?
There are four types of JDBC drivers
  • JDBC-ODBC Bridge plus ODBC driver − also called Type 1 calls native code of the locally available ODBC driver.
  • Native-API, partly Java driver − also called Type 2 calls database vendor native library on a client side. This code then talks to database over network.
  • JDBC-Net, pure Java driver − also called Type 3 the pure-java driver that talks with the server-side middleware that then talks to database.
  • Native-protocol, pure Java driver − also called Type 4 the pure-java driver that uses database native protocol.
What are different types of Statement?
There are three types of statement:
1. Statement: It’s a commonly used for getting data from database useful when we are using static SQL statement at runtime and it will not accept any parameter.
Statement stmt = conn.createStatement(sqlquery);
ResultSet rs = stmt.executeQuery();

2. PreparedStatement: When we are using same SQL statement multiple time its is useful and it will accept parameter at runtime.
String SQL = "select * from student WHERE student_id = ?";
PreparedStatement  pstmt = conn.prepareStatement(SQL);
ResultSet rs = pstmt.executeQuery();

3. Callable Statement: When we want to access stored procedures then callable statement are useful and they also accept runtime parameter. It is called like this
CallableStatement cs = con.prepareCall("{call calculate_annualincome}");
ResultSet rs = cs.executeQuery();

What is the difference between Statement and PreparedStatement interface?
In case of Statement, query is complied each time whereas in case of PreparedStatement, query is complied only once. So performance of PreparedStatement is better than Statement.

What is connection Pooling?
It is the mechanism by which we reuse the recourse like connection objects  which are needed to make connection with database. In this mechanism client are not required every time make new connection and then interact with database instead of that connection objects are stored in connection pool and client will get it from there. so it’s a best way to share a server resources among the client and enhance the application performance.

What does the Class.forName("MyClass") do?
  • Loads the class MyClass.
  • Execute any static block code of MyClass.
  • Returns an instance of MyClass.
What are the differences between setMaxRows(int) and SetFetchSize(int)?
setFetchSize(int) defines the number of rows that will be read from the database when the ResultSet needs more rows. setFetchSize(int) affects how the database returns the ResultSet data.

method of the ResultSet specifies how many rows a ResultSet can contain at a time. setMaxRows(int) affects the client side JDBC object.

How  do you prevent SQL Injection in Java Code?
In SQL Injection attack, malicious user pass SQL meta-data combined with input which allowed them to execute sql query of there choice.

PreparedStatement can be used to avoid SQL injection in Java code. Use of the PreparedStatement for executing SQL queries not only provides better performance but also shield your Java and J2EE application from SQL Injection attack. All the parameters passed as part of place-holder will be escaped automatically by JDBC Driver.

-K Himaanshu Shuklaa..

1 comment:

Anonymous said...
This comment has been removed by a blog administrator.

Post a Comment

RSSChomp Blog Directory