Index: lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java
===================================================================
RCS file: /usr/local/cvsroot/lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java,v
diff -u -r1.9 -r1.10
--- lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java	24 Apr 2017 19:39:20 -0000	1.9
+++ lams_bb_integration/src/org/lamsfoundation/ld/integration/util/LamsSecurityUtil.java	3 May 2017 15:45:18 -0000	1.10
@@ -119,11 +119,9 @@
 	// in case of learnerStrictAuth we should also include lsid value when creating hash: [ts + uid + method + lsid
 	// + serverID + serverKey]
 	// regular case: [ts + uid + method + serverID + serverKey]
-	String plaintext = "learnerStrictAuth".equals(method) ? timestamp.toLowerCase().trim()
-		+ username.toLowerCase().trim() + method.toLowerCase().trim() + lsid.toLowerCase().trim()
-		+ serverId.toLowerCase().trim() + secretkey.toLowerCase().trim() : timestamp.toLowerCase().trim()
-		+ username.toLowerCase().trim() + method.toLowerCase().trim() + serverId.toLowerCase().trim()
-		+ secretkey.toLowerCase().trim();
+	String plaintext = timestamp.toLowerCase().trim() + username.toLowerCase().trim() + method.toLowerCase().trim()
+		+ ("learnerStrictAuth".equals(method) ? lsid.toLowerCase().trim() : "") + serverId.toLowerCase().trim()
+		+ secretkey.toLowerCase().trim();		
 	// generate authentication hash code to validate parameters
 	String hash = sha1(plaintext);