Index: lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java
===================================================================
diff -u -r2f21856ec2ab85b47c93cfcc3fa2c8769be65077 -r739732f21a9dfd061be8ac9095272f16a62036ba
--- lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 2f21856ec2ab85b47c93cfcc3fa2c8769be65077)
+++ lams_common/src/java/org/lamsfoundation/lams/web/session/SessionManager.java	(.../SessionManager.java)	(revision 739732f21a9dfd061be8ac9095272f16a62036ba)
@@ -175,16 +175,9 @@
      */
     public static void startSession(ServletRequest req, ServletResponse res) {
 	Cookie ssoCookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SSO_SESSION_COOKIE);
-	if (ssoCookie == null) {
-	    SessionManager.log.debug("==>Couldn't find the sso cookie");
-	    String value = (String) new UUIDHexGenerator().generate(null, null);
-	    ssoCookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE, value);
-	    SessionManager.log.debug("==>Created one - " + ssoCookie.getValue());
-	}
-	Cookie cookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SYS_SESSION_COOKIE);
 	String currentSessionId = null;
-	if (cookie != null) {
-	    currentSessionId = cookie.getValue();
+	if (ssoCookie != null) {
+	    currentSessionId = ssoCookie.getValue();
 	    Object obj = getSession(currentSessionId);
 	    // if cookie exist, but session does not. This usually menas seesion expired.
 	    // then delete the cookie first and set it null in order to create a new one
@@ -195,19 +188,20 @@
 		// cookie = null;
 	    }
 	}
-	// can not be in else!
-	if (cookie == null) {
-
-	    // create new session and set it into cookie
+	if (ssoCookie == null) {
+	    SessionManager.log.debug("==>Couldn't find the sso cookie");
 	    currentSessionId = (String) new UUIDHexGenerator().generate(null, null);
+	    // create new session and set it into cookie
 	    createSession(currentSessionId);
-	    // TODO remove this debugging - only put in to diagnose Ozgur's session problem
-	    if (SessionManager.log.isDebugEnabled()) {
-		SessionManager.log.debug("SessionManager: cookie is null, generating a new session: "
-			+ currentSessionId);
-	    }
-	    cookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SYS_SESSION_COOKIE, currentSessionId);
+	    ssoCookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SSO_SESSION_COOKIE, currentSessionId);
+	    SessionManager.log.debug("==>Created one - " + ssoCookie.getValue());
 	}
+	
+	Cookie cookie = findCookie((HttpServletRequest) req, SystemSessionFilter.SYS_SESSION_COOKIE);
+	if (cookie == null) {
+	    String value = (String) new UUIDHexGenerator().generate(null, null);
+	    cookie = createCookie((HttpServletResponse) res, SystemSessionFilter.SYS_SESSION_COOKIE, value);
+	}
 
 	setCurrentSessionId(currentSessionId);
 	// reset session last access time