Index: lams_build/lib/lams/lams.jar
===================================================================
diff -u -rc819f2a958c500be2c37059a1781b8c145557310 -r2d5f02461899b6640fb13db8098d14ee4653e8b8
Binary files differ
Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java
===================================================================
diff -u -rc819f2a958c500be2c37059a1781b8c145557310 -r2d5f02461899b6640fb13db8098d14ee4653e8b8
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision c819f2a958c500be2c37059a1781b8c145557310)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 2d5f02461899b6640fb13db8098d14ee4653e8b8)
@@ -92,17 +92,18 @@
      */
     public static void removeSessionByLogin(String login, boolean invalidate) {
 	HttpSession session = SessionManager.loginMapping.get(login);
-	if (session != null) {
-	    SessionManager.loginMapping.remove(login);
-	    SessionManager.sessionIdMapping.remove(session.getId());
+	if (session == null) {
+	    return;
+	}
+	SessionManager.loginMapping.remove(login);
+	SessionManager.sessionIdMapping.remove(session.getId());
 
-	    if (invalidate) {
-		try {
-		    session.invalidate();
-		} catch (IllegalStateException e) {
-		    System.out.println("SessionMananger invalidation exception");
-		    // if it was already invalidated, do nothing
-		}
+	if (invalidate) {
+	    try {
+		session.invalidate();
+	    } catch (IllegalStateException e) {
+		System.out.println("SessionMananger invalidation exception");
+		// if it was already invalidated, do nothing
 	    }
 	}
     }
@@ -112,21 +113,39 @@
      */
     public static void removeSessionByID(String sessionID, boolean invalidate) {
 	HttpSession session = SessionManager.getSession(sessionID);
-	if (session != null) {
-	    SessionManager.sessionIdMapping.remove(sessionID);
+	if (session == null) {
+	    return;
+	}
+	SessionManager.sessionIdMapping.remove(sessionID);
 
-	    if (invalidate) {
-		try {
-		    session.invalidate();
-		} catch (IllegalStateException e) {
-		    System.out.println("SessionMananger invalidation exception");
-		    // if it was already invalidated, do nothing
-		}
+	if (invalidate) {
+	    try {
+		session.invalidate();
+	    } catch (IllegalStateException e) {
+		System.out.println("SessionMananger invalidation exception");
+		// if it was already invalidated, do nothing
 	    }
 	}
     }
 
     /**
+     * Makes sure that given session ID points to correct session.
+     * It may not be the case after session ID change after login.
+     */
+    public static void updateSessionID(String sessionID) {
+	HttpSession session = SessionManager.getSession(sessionID);
+	if (session == null) {
+	    return;
+	}
+	String newSessionID = session.getId();
+	if (!sessionID.equals(newSessionID)) {
+	    SessionManager.sessionIdMapping.remove(sessionID);
+	    SessionManager.sessionIdMapping.put(newSessionID, session);
+	    SessionManager.sessionManager.currentSessionIdContainer.set(newSessionID);
+	}
+    }
+
+    /**
      * Get system level HttpSession by current session id.
      */
     public static HttpSession getSession() {