Index: lams_central/web/login.jsp
===================================================================
diff -u -r3c797b7dcb58649de6790843ea3bcd6fbc4b2eb1 -rf2c0865cbb95219b30d59d6152b20dff389dc7b0
--- lams_central/web/login.jsp	(.../login.jsp)	(revision 3c797b7dcb58649de6790843ea3bcd6fbc4b2eb1)
+++ lams_central/web/login.jsp	(.../login.jsp)	(revision f2c0865cbb95219b30d59d6152b20dff389dc7b0)
@@ -177,12 +177,12 @@
 				// invalidate session so a new user can be logged in
 				HttpSession hs = SessionManager.getSession();
 				if (hs != null) {
-				    hs.removeAttribute("login");
-				    hs.removeAttribute("password");
 					UserDTO userDTO = (UserDTO) hs.getAttribute("user");
 					if (userDTO != null) {
-					    SessionManager.removeSessionByLogin(userDTO.getLogin(), true);
+					    // remove session from mapping
+					    SessionManager.removeSessionByLogin(userDTO.getLogin(), false);
 					}
+					hs.invalidate();
 				}
 			%>
 			<script type="text/javascript">