--- a/server/repository.py	Mon Feb 13 12:16:37 2012 +0100
+++ b/server/repository.py	Tue Feb 14 09:49:13 2012 +0100
@@ -451,8 +451,10 @@
         """validate authentication, raise AuthenticationError on failure, return
         associated CWUser's eid on success.
         """
-        for source in self.sources:
-            if source.support_entity('CWUser'):
+        # iter on sources_by_uri then check enabled source since sources doesn't
+        # contain copy based sources
+        for source in self.sources_by_uri.itervalues():
+            if self.config.source_enabled(source) and source.support_entity('CWUser'):
                 try:
                     return source.authenticate(session, login, **authinfo)
                 except AuthenticationError:

--- a/server/sources/ldapfeed.py	Mon Feb 13 12:16:37 2012 +0100
+++ b/server/sources/ldapfeed.py	Tue Feb 14 09:49:13 2012 +0100
@@ -28,6 +28,7 @@
 class LDAPFeedSource(ldaputils.LDAPSourceMixIn,
                      datafeed.DataFeedSource):
     """LDAP feed source"""
+    support_entities = {'CWUser': False}
     use_cwuri_as_url = True
 
     options = datafeed.DataFeedSource.options + ldaputils.LDAPSourceMixIn.options

--- a/server/test/unittest_ldapuser.py	Mon Feb 13 12:16:37 2012 +0100
+++ b/server/test/unittest_ldapuser.py	Tue Feb 14 09:49:13 2012 +0100
@@ -123,8 +123,11 @@
     def test_authenticate(self):
         source = self.repo.sources_by_uri['ldapuser']
         self.session.set_cnxset()
+        # ensure we won't be logged against
         self.assertRaises(AuthenticationError,
                           source.authenticate, self.session, 'toto', 'toto')
+        self.assertTrue(source.authenticate(self.session, 'syt', 'syt'))
+        self.assertTrue(self.repo.connect('syt', password='syt'))
 
     def test_base(self):
         # check a known one