Index: lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java
===================================================================
diff -u -ra2e9316b26f3b48a9d98a4d23f6b909c7c294a6c -r39708e75f8c99f9488c91c5702b234317c0bccb4
--- lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java	(.../SsoHandler.java)	(revision a2e9316b26f3b48a9d98a4d23f6b909c7c294a6c)
+++ lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java	(.../SsoHandler.java)	(revision 39708e75f8c99f9488c91c5702b234317c0bccb4)
@@ -101,7 +101,7 @@
 			// do the logging in UniversalLoginModule or cache
 			handler.handleRequest(exchange);
 
-			if (login.equals(request.getRemoteUser())) {
+			if (login != null && login.equals(request.getRemoteUser())) {
 			    session.setAttribute(AttributeNames.USER, userDTO);
 			}