lams-github

The code that checks if user is sysadmin depends on HTTP session being

present in SessionManager. It is normally present as the authentication

request goes through SsoHandler which initiates the session. It is not

the case, though, when session gets replicated and UniversalLoginModule

is accessed directly.

The fix skips the check in no session is present, which means that

sysadmin will need to authenticate same as regular user, which is OK for

this edge situation. Session failover still works. Show less