The reason for not supporting literals when building the SQL query String is to prevent SQL Injection. If we inject the literal, we have no guarantee that a rogue attacker didn't inject anything in the incoming String object. Although this might affect performance on some RDBMS, for the moment, it's better to be safe than sorry.
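The difference between inlining a literal and binding it, as an added example that is not part of the original page. It uses Python's built-in `sqlite3` as a stand-in database; the `post` table, the function names and the input strings are constructed for illustration.

```python
import sqlite3

# Constructed sample input: a value that changes the query when inlined.
INJECTED = "x' OR '1'='1"

def make_db():
    """In-memory database with a hypothetical `post` table (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE post (id INTEGER PRIMARY KEY, title TEXT, owner TEXT)")
    db.executemany(
        "INSERT INTO post (title, owner) VALUES (?, ?)",
        [("Public notes", "alice"), ("Private draft", "bob"), ("Quote test", "o'brien")],
    )
    return db

def find_inlined(db, owner):
    """Literal inlined into the SQL text: the value is parsed as SQL."""
    sql = "SELECT title FROM post WHERE owner = '" + owner + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]

def find_bound(db, owner):
    """Literal sent as a bind parameter: the SQL text never changes."""
    sql = "SELECT title FROM post WHERE owner = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (owner,))]

def inlined_breaks(db, owner):
    """True when the inlined form is no longer valid SQL for this value."""
    try:
        find_inlined(db, owner)
        return False
    except sqlite3.OperationalError:
        return True

if __name__ == "__main__":
    db = make_db()
    for value in ("alice", "o'brien", INJECTED):
        bound = find_bound(db, value)
        if inlined_breaks(db, value):
            print(repr(value), "inlined: syntax error | bound:", bound)
        else:
            print(repr(value), "inlined:", find_inlined(db, value), "| bound:", bound)
```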