Index: lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java
===================================================================
diff -u -rbcdec8a8d07dc56cbb3ef12d4465d3e9032666c9 -r1e91ea68c110f3c4488d211a59401356888e7da1
--- lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java	(.../LamsSecurityUtil.java)	(revision bcdec8a8d07dc56cbb3ef12d4465d3e9032666c9)
+++ lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java	(.../LamsSecurityUtil.java)	(revision 1e91ea68c110f3c4488d211a59401356888e7da1)
@@ -119,11 +119,9 @@
 	// in case of learnerStrictAuth we should also include lsid value when creating hash: [ts + uid + method + lsid
 	// + serverID + serverKey]
 	// regular case: [ts + uid + method + serverID + serverKey]
-	String plaintext = "learnerStrictAuth".equals(method) ? timestamp.toLowerCase().trim()
-		+ username.toLowerCase().trim() + method.toLowerCase().trim() + lsid.toLowerCase().trim()
-		+ serverId.toLowerCase().trim() + secretkey.toLowerCase().trim() : timestamp.toLowerCase().trim()
-		+ username.toLowerCase().trim() + method.toLowerCase().trim() + serverId.toLowerCase().trim()
-		+ secretkey.toLowerCase().trim();
+	String plaintext = timestamp.toLowerCase().trim() + username.toLowerCase().trim() + method.toLowerCase().trim()
+		+ ("learnerStrictAuth".equals(method) ? lsid.toLowerCase().trim() : "") + serverId.toLowerCase().trim()
+		+ secretkey.toLowerCase().trim();		
 	// generate authentication hash code to validate parameters
 	String hash = sha1(plaintext);