Index: lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java
===================================================================
RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java,v
diff -u -r1.22 -r1.23
--- lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java	5 Aug 2014 22:28:30 -0000	1.22
+++ lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java	5 Aug 2014 22:33:12 -0000	1.23
@@ -134,7 +134,12 @@
 	    //in case of request for learner with strict authentication check cache should also contain lsid
 	    if (LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method)) {
 		String lsId = request.getParameter(LoginRequestDispatcher.PARAM_LESSON_ID);
+		if (lsId == null) {
+		    response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Login Failed - lsId parameter missing");
+		    return;
+		}
 		Authenticator.authenticate(serverMap, timestamp, extUsername, method, lsId, hash);
+		
 	    } else {
 		Authenticator.authenticate(serverMap, timestamp, extUsername, method, hash);
 	    }