Index: lams_central/src/java/org/lamsfoundation/lams/web/SessionListener.java
===================================================================
diff -u -r65aec4aac4e80981cd4f91951cae556642027139 -r68d929f2345407cf503c29c3903fb0127dd3f848
--- lams_central/src/java/org/lamsfoundation/lams/web/SessionListener.java	(.../SessionListener.java)	(revision 65aec4aac4e80981cd4f91951cae556642027139)
+++ lams_central/src/java/org/lamsfoundation/lams/web/SessionListener.java	(.../SessionListener.java)	(revision 68d929f2345407cf503c29c3903fb0127dd3f848)
@@ -96,12 +96,6 @@
 		String login = userDTO.getLogin();
 		Principal principal = new SimplePrincipal(login);
 		SessionListener.authenticationManager.flushCache(principal);
-
-		// remove obsolete mappings to session
-		// the session is either already invalidated or will be very soon by another module
-
-		// it seems obsolete as removeSessionByID() above already clears login mapping
-		// SessionManager.removeSessionByLogin(login, false);
 	    }
 	}
     }
Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java
===================================================================
diff -u -r3cb5f91a2d0c7185e16b32d019ec0d2ecb30aaf9 -r68d929f2345407cf503c29c3903fb0127dd3f848
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 3cb5f91a2d0c7185e16b32d019ec0d2ecb30aaf9)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 68d929f2345407cf503c29c3903fb0127dd3f848)
@@ -24,6 +24,7 @@
 package org.lamsfoundation.lams.web.session;
 
 import java.util.Date;
+import java.util.Iterator;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map;
@@ -215,8 +216,21 @@
 
     /**
      * Returns number of all sessions stored in the container.
+     * Additionally cleans up invalidated session which linger in mapping.
      */
     public static int getSessionTotalCount() {
+	Iterator<String> sessionIterator = SessionManager.sessionIdMapping.keySet().iterator();
+	while (sessionIterator.hasNext()) {
+	    String sessionId = sessionIterator.next();
+	    HttpSession session = SessionManager.sessionIdMapping.get(sessionId);
+	    try {
+		session.getCreationTime();
+	    } catch (IllegalStateException e) {
+		log.warn("Removing invalid session which should have been removed by SessionListener: " + sessionId);
+		sessionIterator.remove();
+	    }
+	}
+
 	return SessionManager.sessionIdMapping.size();
     }