You can insert parameter references in SQL statements of the JDBC operator. They are represented by a colon, followed by the parameter name. If the name contains special characters, it must be enclosed in double quotes.
JDBC parameters
Parameters are handed over to the database server as typed values along with the SQL statement at execution time. Before a statement is handed over to the database server, it is rewritten to use JDBC parameter markers ('?') as follows:
A single-value parameter is replaced by a single JDBC parameter marker.
A reference of a non-empty list is replaced by a comma-separated list of JDBC parameter markers, one for each list element. This is useful for populating the values of an IN predicate by a list value.
Example
SELECT * FROM table WHERE column IN (:list)
with 3 elements in the list is rewritten to
SELECT * FROM table WHERE column IN (?,?,?)
A reference of an empty list is replaced by a single parameter marker that refers to a NULL value.
The last rule provides a valid SQL statement for an empty list. Note that if the list of values is empty, both IN and NOT-IN predicates return the same result: UNKNOWN and not FALSE.