diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index fa86383..db98e0d 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -9,11 +9,15 @@ class ApplicationController < ActionController::Base
 before_filter :allow_cross_domain_access
 before_filter :login_from_cookie
- before_filter :login_required, :if => :private_environment?
+ before_filter :require_login_for_environment, :if => :private_environment?
 before_filter :verify_members_whitelist, :if => [:private_environment?, :user]
 before_filter :redirect_to_current_user
+ def require_login_for_environment
+ login_required
+ end
+
 def verify_members_whitelist
 render_access_denied unless user.is_admin? || environment.in_whitelist?(user)
 end
diff --git a/app/controllers/public/account_controller.rb b/app/controllers/public/account_controller.rb
index 613b7d0..09ab765 100644
--- a/app/controllers/public/account_controller.rb
+++ b/app/controllers/public/account_controller.rb
@@ -2,7 +2,7 @@ class AccountController < ApplicationController
 no_design_blocks
- before_filter :login_required, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
+ before_filter :login_required, :require_login_for_environment, :only => [:activation_question, :accept_terms, :activate_enterprise, :change_password]
 before_filter :redirect_if_logged_in, :only => [:login, :signup]
 before_filter :protect_from_bots, :only => :signup
diff --git a/test/functional/account_controller_test.rb b/test/functional/account_controller_test.rb
index e5b5696..0fe1fcd 100644
--- a/test/functional/account_controller_test.rb
+++ b/test/functional/account_controller_test.rb
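Review bot: `require_login_for_environment` in app/controllers/application_controller.rb has no comment explaining why it wraps `login_required` unchanged, and the reason matters for access control: the separate name is what lets a subclass rescope the private-environment gate without touching its own `login_required` filters. Without that explanation a later cleanup could fold it back into `login_required` and bring back the login lockout this commit addresses. I would add above the method `# Private-environment login gate; kept under its own name so subclasses can rescope it independently of their own login_required filters.` The method also appears to sit in the public part of the class (the class body continues outside the hunk), so it is worth checking whether it can live under `protected`.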
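Review bot: In app/controllers/public/account_controller.rb the environment gate is now scoped by the same `:only` list as `login_required`, so in a private environment every AccountController action outside those four is reachable anonymously, not just `login`. The neighbouring filters show `signup` is one such action, and any action added to this controller later is open by default. If only the login flow has to stay reachable, an exemption list fails closed instead: keep `before_filter :login_required, :only => [...]` as it was and add `skip_before_filter :require_login_for_environment, :only => [:login]`, extended with whatever else must stay public. This assumes that redeclaring the inherited filter narrows it rather than adding a second entry, which depends on the framework version and is not visible in the hunk.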
@@ -1046,4 +1046,15 @@ class AccountControllerTest < ActionController::TestCase
 :national_region_type_id => NationalRegionType::CITY,
 :parent_national_region_code => parent_region.national_region_code)
 end
+
+ should 'not lock users out of login if environment is restrict to members' do
+ Environment.default.enable(:restrict_to_members)
+ get :login
+ assert_response :success
+
+ post :login, :user => {:login => 'johndoe', :password => 'test'}
+ assert session[:user]
+ assert_response :redirect
+ end
+
 end
diff --git a/test/functional/profile_controller_test.rb b/test/functional/profile_controller_test.rb
index 610529e..5691403 100644
--- a/test/functional/profile_controller_test.rb
+++ b/test/functional/profile_controller_test.rb
@@ -1812,4 +1812,10 @@ class ProfileControllerTest < ActionController::TestCase
 assert @response.body.index("another_user") > @response.body.index("different_user")
 end
+ should 'redirect to login if environment is restrict to members' do
+ Environment.default.enable(:restrict_to_members)
+ get :index
+ assert_redirected_to :controller => 'account', :action => 'login'
+ end
+
 end
--
libgit2 0.21.2
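Review bot: The new case in test/functional/account_controller_test.rb pins only that `login` stays reachable with `:restrict_to_members` enabled; nothing asserts which account actions remain closed to anonymous visitors. Because the controller change exempts every action outside its `:only` list, a later edit to that list could open or close actions without any test failing. A companion case that performs an anonymous `get :signup` with the flag enabled and asserts the intended outcome would make that boundary explicit. The `johndoe` credentials depend on setup outside the hunk, so the positive path here relies on that fixture staying in place.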