Index: lams_build/lib/lams/lams.jar
===================================================================
diff -u -r01a4035d52575ebe0a8467b4e589998196353962 -rfc041430be42d809aaaf81add61f2d3182490aef
Binary files differ
Index: lams_central/src/java/org/lamsfoundation/lams/web/HomeAction.java
===================================================================
diff -u -rde1940e60766f8901436c6ab567c692685d5b35c -rfc041430be42d809aaaf81add61f2d3182490aef
--- lams_central/src/java/org/lamsfoundation/lams/web/HomeAction.java	(.../HomeAction.java)	(revision de1940e60766f8901436c6ab567c692685d5b35c)
+++ lams_central/src/java/org/lamsfoundation/lams/web/HomeAction.java	(.../HomeAction.java)	(revision fc041430be42d809aaaf81add61f2d3182490aef)
@@ -28,6 +28,7 @@
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
 import org.apache.struts.action.ActionForm;
@@ -38,8 +39,11 @@
 import org.springframework.web.context.support.WebApplicationContextUtils;
 import org.springframework.web.context.WebApplicationContext;
 
+import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
 import org.lamsfoundation.lams.usermanagement.service.UserManagementService;
 import org.lamsfoundation.lams.web.PasswordChangeActionForm;
+import org.lamsfoundation.lams.web.session.SessionManager;
+import org.lamsfoundation.lams.web.util.AttributeNames;
 import org.lamsfoundation.lams.web.util.HttpSessionManager;
 import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.Organisation;
@@ -72,13 +76,19 @@
 	private static UserManagementService service = (UserManagementService) ctx.getBean("userManagementServiceTarget");
 	
 	
-	private boolean isUserInRole(String login,int orgId, String roleName)
+	private boolean isUserInRole(Integer userId,int orgId, String roleName)
 	{
-		if (service.getUserOrganisationRole(login, new Integer(orgId),roleName)==null)
+		if (service.getUserOrganisationRole(userId, new Integer(orgId),roleName)==null)
 			return false;
 		return true;
 	}
 	
+	private UserDTO getUser() {
+		HttpSession ss = SessionManager.getSession();
+		return (UserDTO) ss.getAttribute(AttributeNames.USER);
+	}
+	
+
 	/**
 	 * request for admin environment
 	 */
@@ -88,21 +98,18 @@
 
 		try {
 			log.debug("request admin");
-			
-			String login = req.getRemoteUser();
-			
 			int orgId = new Integer(req.getParameter("orgId")).intValue();
-			
-			if ( isUserInRole(login,orgId,Role.ADMIN))
-			{
+			UserDTO user = getUser();
+			if ( user == null ) {
+				log.error("admin: User missing from session. ");
+				return mapping.findForward("error");
+			} else if ( isUserInRole(getUser().getUserID(),orgId,Role.ADMIN)) {
 				log.debug("user is admin");
 				Organisation org = service.getOrganisationById(new Integer(orgId));
 				AdminPreparer.prepare(org,req,service);
 				return mapping.findForward("admin");
-			}
-			else
-			{
-				log.error("User "+login+" tried to get admin screen but isn't admin in organisation: "+orgId);
+			} else {
+				log.error("User "+user.getLogin()+" tried to get admin screen but isn't admin in organisation: "+orgId);
 				return mapping.findForward("error");
 			}
 			
@@ -121,19 +128,16 @@
 
 		try {
 			log.debug("request sysadmin");
-			
-			String login = req.getRemoteUser();
-			
 			int orgId = new Integer(req.getParameter("orgId")).intValue();
-			
-			if ( isUserInRole(login,orgId,Role.SYSADMIN))
-			{
+			UserDTO user = getUser();
+			if ( user == null ) {
+				log.error("admin: User missing from session. ");
+				return mapping.findForward("error");
+			} else if ( isUserInRole(user.getUserID(),orgId,Role.SYSADMIN)) {
 				log.debug("user is sysadmin");
 				return mapping.findForward("sysadmin");
-			}
-			else
-			{
-				log.error("User "+login+" tried to get sysadmin screen but isn't sysadmin in organisation: "+orgId);
+			} else {
+				log.error("User "+user.getLogin()+" tried to get sysadmin screen but isn't sysadmin in organisation: "+orgId);
 				return mapping.findForward("error");
 			}
 			
@@ -153,12 +157,12 @@
 		try {
 			log.debug("request learner");
 			
-			String login = req.getRemoteUser();
-			
 			int orgId = new Integer(req.getParameter("orgId")).intValue();
-			
-			if ( isUserInRole(login,orgId,Role.LEARNER) )
-			{
+			UserDTO user = getUser();
+			if ( user == null ) {
+				log.error("admin: User missing from session. ");
+				return mapping.findForward("error");
+			} else if ( isUserInRole(user.getUserID(),orgId,Role.LEARNER) ) {
 				log.debug("user is learner");
 			
 				String serverUrl = Configuration.get(ConfigurationKeys.SERVER_URL);
@@ -168,7 +172,7 @@
 			}
 			else
 			{
-				log.error("User "+login+" tried to get learner screen but isn't learner in organisation: "+orgId);
+				log.error("User "+user.getLogin()+" tried to get learner screen but isn't learner in organisation: "+orgId);
 				return mapping.findForward("error");
 			}
 			
@@ -188,12 +192,12 @@
 
 		try {
 			log.debug("request author");
-			
-			String login = req.getRemoteUser();
-			
 			int orgId = new Integer(req.getParameter("orgId")).intValue();
-			
-			if ( isUserInRole(login,orgId,Role.AUTHOR) )
+			UserDTO user = getUser();
+			if ( user == null ) {
+				log.error("admin: User missing from session. ");
+				return mapping.findForward("error");
+			} else if ( isUserInRole(user.getUserID(),orgId,Role.AUTHOR) )
 			{
 				log.debug("user is author");
 			
@@ -204,7 +208,7 @@
 			}
 			else
 			{
-				log.error("User "+login+" tried to get author screen but isn't author in organisation: "+orgId);
+				log.error("User "+user.getLogin()+" tried to get author screen but isn't author in organisation: "+orgId);
 				return mapping.findForward("error");
 			}
 			
@@ -224,12 +228,12 @@
 
 			try {
 			log.debug("request staff");
-
-			String login = req.getRemoteUser();
-
 			int orgId = new Integer(req.getParameter("orgId")).intValue();
-
-			if (isUserInRole(login, orgId, Role.STAFF)) {
+			UserDTO user = getUser();
+			if ( user == null ) {
+				log.error("admin: User missing from session. ");
+				return mapping.findForward("error");
+			} else if (isUserInRole(user.getUserID(), orgId, Role.STAFF)) {
 				log.debug("user is staff");
 
 				String serverUrl = Configuration
@@ -238,11 +242,7 @@
 				req.setAttribute("serverUrl", serverUrl);
 				return mapping.findForward("staff");
 			} else {
-				log
-						.error("User "
-								+ login
-								+ " tried to get staff screen but isn't staff in organisation: "
-								+ orgId);
+				log.error("User "+ user.getLogin() + " tried to get staff screen but isn't staff in organisation: " + orgId);
 				return mapping.findForward("error");
 			}
 
Index: lams_common/src/java/org/lamsfoundation/lams/commonContext.xml
===================================================================
diff -u -r832b7388158e6588d5791e09d202774d8434de86 -rfc041430be42d809aaaf81add61f2d3182490aef
--- lams_common/src/java/org/lamsfoundation/lams/commonContext.xml	(.../commonContext.xml)	(revision 832b7388158e6588d5791e09d202774d8434de86)
+++ lams_common/src/java/org/lamsfoundation/lams/commonContext.xml	(.../commonContext.xml)	(revision fc041430be42d809aaaf81add61f2d3182490aef)
@@ -122,7 +122,7 @@
 	
 	<bean id="themeServiceTarget" class="org.lamsfoundation.lams.themes.service.ThemeService">
 		<property name="themeDAO"><ref local="themeDAO"/></property>
-		<property name="userDAO"><ref local="userDAO"/></property>
+		<property name="userManagementService"><ref local="userManagementService"/></property>
 		<property name="messageService"><ref bean="commonMessageService"/></property>
 	</bean>
 	
Index: lams_common/src/java/org/lamsfoundation/lams/themes/service/IThemeService.java
===================================================================
diff -u -r34b959260a0f8f8285793a4481a95ca3580eabc5 -rfc041430be42d809aaaf81add61f2d3182490aef
--- lams_common/src/java/org/lamsfoundation/lams/themes/service/IThemeService.java	(.../IThemeService.java)	(revision 34b959260a0f8f8285793a4481a95ca3580eabc5)
+++ lams_common/src/java/org/lamsfoundation/lams/themes/service/IThemeService.java	(.../IThemeService.java)	(revision fc041430be42d809aaaf81add61f2d3182490aef)
@@ -62,22 +62,6 @@
 	public MessageService getMessageService();
 	
 	/**
-     * Set IThemeDAO
-     *
-     * @param themeDao
-     */
-	public void setThemeDAO(ICSSThemeDAO themeDao);
-
-	
-	/**
-     * Set IUserDAO
-     *
-     * @param userDao
-     */
-	public void setUserDAO(IUserDAO userDao);
-
-	
-	/**
 	 * Store a theme created on a client.
 	 * @param wddxPacket The WDDX packet received from Flash
 	 * @return String The acknowledgement in WDDX format that the theme has been
Index: lams_common/src/java/org/lamsfoundation/lams/themes/service/ThemeService.java
===================================================================
diff -u -r34b959260a0f8f8285793a4481a95ca3580eabc5 -rfc041430be42d809aaaf81add61f2d3182490aef
--- lams_common/src/java/org/lamsfoundation/lams/themes/service/ThemeService.java	(.../ThemeService.java)	(revision 34b959260a0f8f8285793a4481a95ca3580eabc5)
+++ lams_common/src/java/org/lamsfoundation/lams/themes/service/ThemeService.java	(.../ThemeService.java)	(revision fc041430be42d809aaaf81add61f2d3182490aef)
@@ -34,17 +34,16 @@
 import org.lamsfoundation.lams.themes.dao.ICSSThemeDAO;
 import org.lamsfoundation.lams.themes.dto.CSSThemeBriefDTO;
 import org.lamsfoundation.lams.themes.dto.CSSThemeDTO;
-import org.lamsfoundation.lams.usermanagement.dao.IUserDAO;
+import org.lamsfoundation.lams.themes.exception.ThemeException;
 import org.lamsfoundation.lams.usermanagement.User;
 import org.lamsfoundation.lams.usermanagement.exception.UserException;
+import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
 import org.lamsfoundation.lams.util.MessageService;
 import org.lamsfoundation.lams.util.wddx.FlashMessage;
 import org.lamsfoundation.lams.util.wddx.WDDXProcessor;
+
 import com.allaire.wddx.WddxDeserializationException;
-import org.lamsfoundation.lams.util.MessageService;
 
-import org.lamsfoundation.lams.themes.exception.ThemeException;
-
 /**
  * 
  * @author Mitchell Seaton
@@ -56,8 +55,8 @@
 	
 	/** Required DAO's */
 	protected ICSSThemeDAO themeDAO;
-	protected IUserDAO userDAO;
 	protected MessageService messageService;
+	protected IUserManagementService userManagementService;
 	
 	/** for sending acknowledgment/error messages back to flash */
 	private FlashMessage flashMessage;
@@ -86,11 +85,12 @@
 		this.themeDAO = themeDAO;
 	}
 	
-	/**
-	 * @see org.lamsfoundation.lams.usermanagement.service.IUserManagementService#setUserDAO(org.lamsfoundation.lams.usermanagement.dao.IUserDAO)
-	 */
-	public void setUserDAO(IUserDAO userDAO) {
-		this.userDAO = userDAO;
+    /**
+     * 
+     * @param IUserManagementService The userManagementService to set.
+     */
+	public void setUserManagementService(IUserManagementService userManagementService) {
+		this.userManagementService = userManagementService;
 	}
 	
 	/**
@@ -178,7 +178,7 @@
 	 */
 	public String getThemes() throws IOException {
 	    List themes = themeDAO.getAllThemes();
-		ArrayList themeList = new ArrayList();
+		ArrayList<CSSThemeBriefDTO> themeList = new ArrayList<CSSThemeBriefDTO>();
 		Iterator iterator = themes.iterator();
 		while(iterator.hasNext()){
 		    CSSThemeBriefDTO dto = new CSSThemeBriefDTO((CSSThemeVisualElement)iterator.next());
@@ -195,7 +195,7 @@
 	 * @throws IOException
 	 */
 	private FlashMessage setTheme(Integer userId, Long themeId, String type) throws IOException, ThemeException, UserException {
-		User user = userDAO.getUserById(userId);
+		User user = userManagementService.getUserById(userId);
 		CSSThemeVisualElement theme = themeDAO.getThemeById(themeId);
 		
 		if(theme==null)
@@ -213,7 +213,7 @@
 			else if(type.equals(IThemeService.HTML_KEY))
 				user.setHtmlTheme(theme);
 			
-			userDAO.updateUser(user);
+			userManagementService.updateUser(user);
 			flashMessage = new FlashMessage("setTheme", messageService.getMessage(IThemeService.SET_THEME_SAVED_MESSAGE_KEY));
 		}
 		
@@ -249,6 +249,6 @@
 	public FlashMessage setFlashTheme(Integer userId, Long themeId) throws IOException, ThemeException, UserException {
 		return setTheme(userId, themeId, IThemeService.FLASH_KEY);
 	}
+
 	
-	
 }
\ No newline at end of file
Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/util/AdminPreparer.java
===================================================================
diff -u -r34b959260a0f8f8285793a4481a95ca3580eabc5 -rfc041430be42d809aaaf81add61f2d3182490aef
--- lams_common/src/java/org/lamsfoundation/lams/usermanagement/util/AdminPreparer.java	(.../AdminPreparer.java)	(revision 34b959260a0f8f8285793a4481a95ca3580eabc5)
+++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/util/AdminPreparer.java	(.../AdminPreparer.java)	(revision fc041430be42d809aaaf81add61f2d3182490aef)
@@ -28,11 +28,15 @@
 import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
+import org.apache.log4j.Logger;
 import org.lamsfoundation.lams.usermanagement.Organisation;
 import org.lamsfoundation.lams.usermanagement.Role;
 import org.lamsfoundation.lams.usermanagement.UserOrganisationRole;
+import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
 import org.lamsfoundation.lams.usermanagement.service.UserManagementService;
+import org.lamsfoundation.lams.web.session.SessionManager;
 import org.lamsfoundation.lams.web.util.AttributeNames;
 
 /**
@@ -44,28 +48,36 @@
  */
 public class AdminPreparer {
 
+	private static Logger log = Logger.getLogger(AdminPreparer.class);
+
 	public static void prepare(Organisation org, HttpServletRequest request, UserManagementService service){
 		UserOrganisationRole userOrgRole = null;
-		if(org.getParentOrganisation()!=null){
-			userOrgRole = service.getUserOrganisationRole(request.getRemoteUser(),org.getParentOrganisation().getOrganisationId(),Role.ADMIN);	
-		}
-		List childOrgs = service.getChildOrganisations(org);
-		for(int i=0; i<childOrgs.size();i++){
-			Organisation childOrg = (Organisation)childOrgs.get(i);
-			if(service.getUserOrganisationRole(request.getRemoteUser(),childOrg.getOrganisationId(),Role.ADMIN)==null){
-				childOrgs.remove(i);
+		HttpSession ss = SessionManager.getSession();
+		UserDTO user = (UserDTO) ss.getAttribute(AttributeNames.USER);
+		if ( user == null ) {
+			log.error("Unable to prepare for admin as user is not in the shared session");
+		} else {
+			if(org.getParentOrganisation()!=null){
+				userOrgRole = service.getUserOrganisationRole(user.getUserID(),org.getParentOrganisation().getOrganisationId(),Role.ADMIN);	
 			}
+			List childOrgs = service.getChildOrganisations(org);
+			for(int i=0; i<childOrgs.size();i++){
+				Organisation childOrg = (Organisation)childOrgs.get(i);
+				if(service.getUserOrganisationRole(user.getUserID(),childOrg.getOrganisationId(),Role.ADMIN)==null){
+					childOrgs.remove(i);
+				}
+			}
+			if(childOrgs.size()!=0){
+				Set childOrganisations = new HashSet();
+				childOrganisations.addAll(childOrgs);
+				org.setChildOrganisations(childOrganisations);
+			}else{
+				org.setChildOrganisations(null);
+			}
+			request.setAttribute(AttributeNames.ADMIN_ORGANISATION,org);
+			if(userOrgRole!=null){
+				request.setAttribute(AttributeNames.ADMIN_PARENT_ACCESS,"true");
+			}
 		}
-		if(childOrgs.size()!=0){
-			Set childOrganisations = new HashSet();
-			childOrganisations.addAll(childOrgs);
-			org.setChildOrganisations(childOrganisations);
-		}else{
-			org.setChildOrganisations(null);
-		}
-		request.setAttribute(AttributeNames.ADMIN_ORGANISATION,org);
-		if(userOrgRole!=null){
-			request.setAttribute(AttributeNames.ADMIN_PARENT_ACCESS,"true");
-		}
 	}
 }