--- loncom/auth/lonacc.pm	2013/12/13 02:10:27	1.149
+++ loncom/auth/lonacc.pm	2013/12/19 22:50:16	1.150
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.149 2013/12/13 02:10:27 raeburn Exp $
+# $Id: lonacc.pm,v 1.150 2013/12/19 22:50:16 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -264,10 +264,13 @@ sub upload_size_allowed {
 =item sso_login()
 
 	handle the case of the single sign on user, at this point $r->user 
-	will be set and valid now need to find the loncapa user info, and possibly
+	will be set and valid; now need to find the loncapa user info, and possibly
 	balance them. If $r->user() is set this means either it was either set by
-        SSO or by checkauthen.pm if a valid cookie was found. The latter case can
-        be identified by the third arg ($usename).
+        SSO or by checkauthen.pm, if a valid cookie was found. The latter case can
+        be identified by the third arg ($usename), except when lonacc is called in 
+        an internal redirect to /adm/switchserver (e.g., load-balancing following
+        successful authentication) -- no cookie set yet.  For that particular case
+        simply skip the call to sso_login(). 
 
 	returns OK if it was SSO and user was handled.
         returns undef if not SSO or no means to handle the user.
@@ -419,9 +422,11 @@ sub handler {
     my %user;
     my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\%user);
 
-    my $result = &sso_login($r,$handle,$user{'name'});
-    if (defined($result)) {
-	return $result;
+    unless (($requrl eq '/adm/switchserver') && (!$r->is_initial_req())) {
+        my $result = &sso_login($r,$handle,$user{'name'});
+        if (defined($result)) {
+	    return $result;
+        }
     }
 
     my ($is_balancer,$otherserver);