diff --git a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java
index 000d552a82733977405d7705c17529f744e88c04..9bada3806a19fc92aedc22320927669f45a5b8b2 100755
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/LoginServlet.java
@@ -153,9 +153,9 @@ public class LoginServlet<T extends Principal> extends HttpServlet
             String userID = request.getParameter("username");
             String password = request.getParameter("password");
 
-            if (userID == null)
+            if (userID == null || userID.length() == 0)
                 throw new IllegalArgumentException("Missing username");
-            if (password == null)
+            if (password == null || password.length() == 0)
                 throw new IllegalArgumentException("Missing password");
 
             userID = userID.trim();