diff --git a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
index fab5a16bfafafdd1e7ef5b31e600bb38342bb5f6..d8913fa6042a648554247b8bde94a266bf515a12 100644
--- a/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
+++ b/authentication/source/java/ch/systemsx/cisd/authentication/DefaultSessionManager.java
@@ -593,16 +593,9 @@ public class DefaultSessionManager<T extends BasicSession> implements ISessionMa
     {
         final Principal p = authenticationService.tryGetAndAuthenticateUser(user, password);
         if (p == null && tryEmailAsUserName && user.contains("@")
-                && authenticationService.supportsListingByEmail())
+                && authenticationService.supportsAuthenticatingByEmail())
         {
-            for (Principal p2 : authenticationService.listPrincipalsByEmail(user))
-            {
-                if (authenticationService.authenticateUser(p2.getUserId(), password))
-                {
-                    p2.setAuthenticated(true);
-                    return p2;
-                }
-            }
+            return authenticationService.tryGetAndAuthenticateUserByEmail(user, password);
         }
         return p;
     }
diff --git a/authentication/sourceTest/java/ch/systemsx/cisd/authentication/DefaultSessionManagerTest.java b/authentication/sourceTest/java/ch/systemsx/cisd/authentication/DefaultSessionManagerTest.java
index 3881425cbff9bfbefc99d660c609778603cf5f65..60b6d39bf18f47976ceb778af8d2bf00929ff6ad 100644
--- a/authentication/sourceTest/java/ch/systemsx/cisd/authentication/DefaultSessionManagerTest.java
+++ b/authentication/sourceTest/java/ch/systemsx/cisd/authentication/DefaultSessionManagerTest.java
@@ -20,8 +20,6 @@ import static org.testng.AssertJUnit.assertEquals;
 import static org.testng.AssertJUnit.assertTrue;
 import static org.testng.AssertJUnit.fail;
 
-import java.util.Arrays;
-
 import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Level;
 import org.jmock.Expectations;
@@ -169,19 +167,17 @@ public class DefaultSessionManagerTest
         final String user = "bla";
         final String userEmail = "bla@blub.com";
         final Principal sessionPrincipal =
-                new Principal(user, StringUtils.EMPTY, StringUtils.EMPTY, userEmail, false);
+                new Principal(user, StringUtils.EMPTY, StringUtils.EMPTY, userEmail, true);
         prepareRemoteHostSessionFactoryAndPrefixGenerator(user, sessionPrincipal);
         context.checking(new Expectations()
             {
                 {
                     one(authenticationService).tryGetAndAuthenticateUser(userEmail, "blub");
                     will(returnValue(null));
-                    one(authenticationService).supportsListingByEmail();
-                    will(returnValue(true));
-                    one(authenticationService).listPrincipalsByEmail(userEmail);
-                    will(returnValue(Arrays.asList(sessionPrincipal)));
-                    one(authenticationService).authenticateUser(user, "blub");
+                    one(authenticationService).supportsAuthenticatingByEmail();
                     will(returnValue(true));
+                    one(authenticationService).tryGetAndAuthenticateUserByEmail(userEmail, "blub");
+                    will(returnValue(sessionPrincipal));
                 }
             });