session.removeNote(Constants.SESS_USERNAME_NOTE); if (password != null) session.setNote(Constants.SESS_PASSWORD_NOTE, getPasswordAsString(password)); else session.removeNote(Constants.SESS_PASSWORD_NOTE); sso.register(ssoId, principal, AUTH_TYPE, username, this.getPasswordAsString(password)); request.setNote(Constants.REQ_SSOID_NOTE, ssoId); sso.update(ssoId, principal, AUTH_TYPE, username, this.getPasswordAsString(password));