From 964495b9b612f7bb3d205ffba8bf3aa8f7053fdf Mon Sep 17 00:00:00 2001
From: Uwe Steinmann <steinm@debian.org>
Date: Fri, 16 May 2025 19:12:05 +0200
Subject: [PATCH] run authenticator only if user is still not known

---
 controllers/class.Login.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/controllers/class.Login.php b/controllers/class.Login.php
index 8afb360c4..8e9074eaa 100644
--- a/controllers/class.Login.php
+++ b/controllers/class.Login.php
@@ -222,7 +222,8 @@ class SeedDMS_Controller_Login extends SeedDMS_Controller_Common {
 			}
 		}
 
-		$user = $authenticator->authenticate($login, $pwd);
+		if(!is_object($user))
+			$user = $authenticator->authenticate($login, $pwd);
 
 		if(0) {
 		/* Authenticate against LDAP server {{{ */