First SCM-Manager checks there is a xml (local) user with the corresponding username. If there is none it goes through the other possible sources, e.g. the LDAP that you configured.
So you will always see an entry in your log that says something like:
start authentication chain for user JohnDoe
check authenticator class sonia.scm.web.security.DefaultAuthenticationHandler for user JohnDoe --> This is basic authentication
JohnDoe is not a xml user
...
check authenticator class sonia.scm.auth.ldap.LDAPAuthenticationHandler for user JohnDoe --> LDAP authentication starts here
Do you have local (xml) users in SCM-Manager that have the same username in LDAP, but a different password? In that case SCM-Manager would recognize the (local) xml user with a false password. That would result in a failed authentication and the authentication chain would stop.
Cheers,
Daniel
-------------------------------------------------------------
SCM-Manager supported by Cloudogu