Index: lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java
===================================================================
diff -u -r4284195b991cf03c3f84e9acb6988ae76eb7f914 -rbea352c79a9b442048149fa66d38058be533b247
--- lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	(.../UniversalLoginModule.java)	(revision 4284195b991cf03c3f84e9acb6988ae76eb7f914)
+++ lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	(.../UniversalLoginModule.java)	(revision bea352c79a9b442048149fa66d38058be533b247)
@@ -245,13 +245,12 @@
 
 				try {
 					Principal p;
-					if (name!=null) {
-						p = super.createIdentity(name);
-					} else {
-						p = super.createIdentity(Role.LEARNER);
+					// Assign minimal role if user has none
+					if (name==null) {
+						name = Role.LEARNER;
 						log.info("Found no roles");
 					}
-					//if (!group.isMember(p)) {
+					p = super.createIdentity(name);
 					if (!groupMembers.contains(name)) {
 						log.info("Assign user to role " + p.getName());
 						group.addMember(p);
@@ -260,7 +259,6 @@
 					if (name.equals(Role.SYSADMIN) || name.equals(Role.AUTHOR_ADMIN)) {
 						p = super.createIdentity(Role.AUTHOR);
 						log.info("Found "+name);
-						//if (!group.isMember(p)) {
 						if (!groupMembers.contains(Role.AUTHOR)) {
 							log.info("Assign user to role "+Role.AUTHOR);
 							group.addMember(p);