1. Setup a datastore that uses uid for searching for users.
2. setup an LDAP authentication module that has [a] uid for the "Attribute used to retrieve user profile" and [b] mail for the "Attribute used to search for a User to be Authenticated"
3. configure a basic auth module that wraps the above LDAP module.
4. setup a chain with just LDAP module in (ldapService)
5. setup a chain with just the BasicAuth module in (BasicAuth)
Login to the server using Service=ldapService and passing mail as the username. Authentication should be successful.
Login to the server using Service=BasicAuth again passing mail as the username. Authentication will fail because mail attribute value will be used and not value of uid to search for the user's profile.
This is because HTTPBasic#getPrincipal will use validatedUserID = userName, which in this case will be mail attribute value and not Principal from backend module (LDAP)