I work With JPA and I have some Queries. I have googled but result not found, I have simple question
query.setParameter("name","%" + name + "%");
Is it precondition for sql injection?
No, since you're binding the value to a parameterized query, your code will not cause an SQL injection opportunity.
An SQL injection is usually caused by not parameterizing the query but building it and adding parameters using string concatenation.