Index: lams_common/src/java/org/lamsfoundation/lams/commonContext.xml
===================================================================
diff -u -r6f882ba0d7f059ee34d43fbfc532fb2f8b30e481 -r5a5a88e2992d006dbfd34513422ad6262f7222ae
--- lams_common/src/java/org/lamsfoundation/lams/commonContext.xml	(.../commonContext.xml)	(revision 6f882ba0d7f059ee34d43fbfc532fb2f8b30e481)
+++ lams_common/src/java/org/lamsfoundation/lams/commonContext.xml	(.../commonContext.xml)	(revision 5a5a88e2992d006dbfd34513422ad6262f7222ae)
@@ -566,8 +566,9 @@
 		</property>
 		<property name="transactionAttributes">
 			<props>
-				<prop key="is*">PROPAGATION_REQUIRED,readOnly</prop>
-				<prop key="has*">PROPAGATION_REQUIRED,readOnly</prop>
+				<prop key="is*">PROPAGATION_REQUIRED</prop>
+				<prop key="has*">PROPAGATION_REQUIRED</prop>
+				<prop key="ensure*">PROPAGATION_REQUIRED</prop>
 			</props>
 		</property>
 	</bean>
Index: lams_common/src/java/org/lamsfoundation/lams/security/SecurityDAO.java
===================================================================
diff -u -rdd60c645ebe32ff15180cff47caa583cb41b7ee1 -r5a5a88e2992d006dbfd34513422ad6262f7222ae
--- lams_common/src/java/org/lamsfoundation/lams/security/SecurityDAO.java	(.../SecurityDAO.java)	(revision dd60c645ebe32ff15180cff47caa583cb41b7ee1)
+++ lams_common/src/java/org/lamsfoundation/lams/security/SecurityDAO.java	(.../SecurityDAO.java)	(revision 5a5a88e2992d006dbfd34513422ad6262f7222ae)
@@ -24,8 +24,7 @@
 
 import java.io.Serializable;
 
-import org.hibernate.Query;
-import org.hibernate.SQLQuery;
+import org.hibernate.query.Query;
 import org.lamsfoundation.lams.dao.hibernate.LAMSBaseDAO;
 import org.lamsfoundation.lams.lesson.Lesson;
 import org.lamsfoundation.lams.usermanagement.Organisation;
@@ -77,11 +76,8 @@
 
     @Override
     public boolean hasOrgRole(Integer orgId, Integer userId, String... roles) {
-	Query query = getSession().createQuery(SecurityDAO.CHECK_ORG_ROLE);
-	query.setParameter("orgId", orgId);
-	query.setParameter("userId", userId);
-	query.setParameterList("roles", roles);
-	return !query.setCacheable(true).list().isEmpty();
+	return !doFindByNamedParam(SecurityDAO.CHECK_ORG_ROLE, new String[] { "orgId", "userId", "roles" },
+		new Object[] { orgId, userId, roles }).isEmpty();
     }
 
     @Override
@@ -98,9 +94,9 @@
 
     @Override
     public boolean isLessonLearner(Long lessonId, Integer userId) {
-	SQLQuery query = getSession().createSQLQuery(SecurityDAO.CHECK_LESSON_LEARNER);
-	query.setLong("lessonId", lessonId);
-	query.setInteger("user_id", userId);
+	Query query = getSession().createSQLQuery(SecurityDAO.CHECK_LESSON_LEARNER);
+	query.setParameter("lessonId", lessonId);
+	query.setParameter("user_id", userId);
 	return !query.list().isEmpty();
     }