Index: lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java
===================================================================
RCS file: /usr/local/cvsroot/lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java,v
diff -u -r1.20 -r1.21
--- lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	17 Sep 2007 06:57:51 -0000	1.20
+++ lams_central/src/java/org/lamsfoundation/lams/security/UniversalLoginModule.java	25 Sep 2007 07:26:40 -0000	1.21
@@ -129,12 +129,6 @@
 						return false;
 					}
 				}
-
-				// disabled users can't login
-				if (user.getDisabledFlag()) {
-					log.debug("===> user is disabled.");
-					return false;
-				}
 				
 				// allow sysadmin to login as another user; in this case, the LAMS shared session
 				// will be present, allowing the following check to work
@@ -167,6 +161,15 @@
 						return false;
 					}
 				}
+				
+				// disabled users can't login;
+				// check after authentication to give non-db authentication methods
+				// a chance to update disabled flag
+				if (user.getDisabledFlag()) {
+					log.debug("===> user is disabled.");
+					return false;
+				}
+				
 				//if login is valid, register userDTO into session.
 				if(isValid){
 					HttpSession sharedsession = SessionManager.getSession(); 
Index: lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java
===================================================================
RCS file: /usr/local/cvsroot/lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java,v
diff -u -r1.6 -r1.7
--- lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java	25 Sep 2007 02:03:58 -0000	1.6
+++ lams_common/src/java/org/lamsfoundation/lams/usermanagement/service/LdapService.java	25 Sep 2007 07:26:40 -0000	1.7
@@ -191,26 +191,34 @@
 		}
 	}
 	
-	private boolean getAsBoolean(Attribute attr) {
+	private Boolean getAsBoolean(Attribute attr) {
 		String attrString = getSingleAttributeString(attr);
 		if (attrString!=null) {
 			if (attrString.equals("1") || attrString.equals("true")) {
 				return true;
+			} else if (attrString.equals("0") || attrString.equals("false")) {
+				return false;
 			}
 		}
-		return false;
+		return null;
 	}
 	
 	public boolean getDisabledBoolean(Attributes attrs) {
 		String ldapDisabledAttrStr = Configuration.get(ConfigurationKeys.LDAP_DISABLED_ATTR);
-		boolean toggleBoolean = false;
 		if (ldapDisabledAttrStr.startsWith("!")) {
 			ldapDisabledAttrStr = ldapDisabledAttrStr.substring(1);
-			toggleBoolean = true;
+			Attribute ldapDisabledAttr = attrs.get(ldapDisabledAttrStr);
+			Boolean booleanValue = getAsBoolean(ldapDisabledAttr);
+			if (booleanValue != null) {
+				return !booleanValue;
+			} else {
+				// if there is no value, assume not disabled
+				return false;
+			}
+		} else {
+			return getAsBoolean(attrs.get(ldapDisabledAttrStr));
 		}
-		Attribute ldapDisabledAttr = attrs.get(ldapDisabledAttrStr);
-		boolean booleanValue = getAsBoolean(ldapDisabledAttr);
-		return (toggleBoolean ? !booleanValue : booleanValue);
+		
 	}
 	
 	public boolean addLDAPUser(Attributes attrs, Integer userId) {