Index: lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java
===================================================================
diff -u -r84ad8252469aba6d9aa2db3446eb0399798fe327 -re7af1076141afe1e6b886242297e643888c5fbaa
--- lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	(.../UniversalLoginModule.java)	(revision 84ad8252469aba6d9aa2db3446eb0399798fe327)
+++ lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	(.../UniversalLoginModule.java)	(revision e7af1076141afe1e6b886242297e643888c5fbaa)
@@ -72,7 +72,7 @@
 
     private static final long INTERNAL_AUTHENTICATION_TIMEOUT = 60 * 1000;
     private static final String ROLES_QUERY =
-	    "SELECT DISTINCT r.name FROM lams_user u " + "LEFT OUTER JOIN lams_user_organisation uo USING(user_id) "
+	    "SELECT DISTINCT r.name FROM lams_user u LEFT OUTER JOIN lams_user_organisation uo USING(user_id) "
 		    + "LEFT OUTER JOIN lams_user_organisation_role urr USING(user_organisation_id) "
 		    + "LEFT OUTER JOIN lams_role r USING (role_id) WHERE u.login=?";
 
@@ -278,19 +278,24 @@
 		    // Assign minimal role if user has none
 		    if (name == null) {
 			name = Role.LEARNER;
-			UniversalLoginModule.log.info("Found no roles for user: " + userName + ", assigning: " + name);
+			if (UniversalLoginModule.log.isDebugEnabled()) {
+			    UniversalLoginModule.log.debug(
+				    "No roles found for user: " + userName + ", assigning: " + name);
+			}
+		    } else if (UniversalLoginModule.log.isDebugEnabled()) {
+			UniversalLoginModule.log.debug("For user: " + userName + " found role: " + name);
 		    }
+
 		    roles.add(name);
 
 		    // sysadmin is always app admin
 		    if (name.equals(Role.SYSADMIN) && !roles.contains(Role.APPADMIN)) {
-			UniversalLoginModule.log.info("Assign user: " + userName + " to role " + Role.APPADMIN);
+			UniversalLoginModule.log.info("For user: " + userName + " assign role: " + Role.APPADMIN);
 			roles.add(Role.APPADMIN);
 		    }
 		    if (name.equals(Role.APPADMIN) || name.equals(Role.SYSADMIN)) {
-			UniversalLoginModule.log.info("Found role " + name);
 			if (!roles.contains(Role.AUTHOR)) {
-			    UniversalLoginModule.log.info("Assign user: " + userName + " to role " + Role.AUTHOR);
+			    UniversalLoginModule.log.info("For user: " + userName + " assign role: " + Role.AUTHOR);
 			    roles.add(Role.AUTHOR);
 			}
 		    }