Letting users remove their details from the database

[jamesdavit]

Hello all,

I've searched the documentation and the Internet, but could not get a clear understanding of what I need to do in order to letting users remove their details from the database.

So far I have come up with this:
1) User authenticates
2) User wants to remove their details from the database (unregister)
3) User is directed to a form to enter their password to confirm removal
4) The form controller verifies the password against the password for that user in the database?
5) The system removes the User from the database (HibernateTemplate.delete())
6) The system invalidates the session

I have tried the above steps, but I'm getting some odd Hibernate errors about multiple sessions:

org.springframework.orm.hibernate3.HibernateSystem Exception: Illegal attempt to associate a collection with two open sessions; nested exception is org.hibernate.HibernateException: Illegal attempt to associate a collection with two open sessions
Caused by:
org.hibernate.HibernateException: Illegal attempt to associate a collection with two open sessions
at org.hibernate.collection.AbstractPersistentCollect ion.setCurrentSession(AbstractPersistentCollection .java:410)

Can someone verify that the above steps are the correct way to remove the user from the database and maybe explain what can be the cause of the error?

Many thanks,
James

[karldmoore]

This problem isn't related to Acegi, it's simply a Hibernate issue. I would try searching on the forums, this has been covered lots of times.
http://www.hibernate.org/116.html#A8

[jamesdavit]

Hmm. Still not sure how this is suppose to work, but I have added the @Transactional annotation to all my data access methods (using Generic DAO) and the problem is gone. I'm sure there is some implication with this somewhere, but for now I can continue.

James

[karldmoore]

I would guess as the method is now transactional, two non-transactional methods aren't trying to fetch the same object.