No, currently its an either or thing. Support for ldap was intended primarily for intranet or extranet sites where you already have a group of users being managed via ldap or active directory. It allows the user to login to the web site using their domain credentials. For a public facing site you definitely would want to use SSL, otherwise you are passing doamin credentials across the wire unencrypted.

Registration is disabled when ldap is configured because we can't create ldap accounts.

To me it would be an unusual use case to allow registration to create a mojoportal db user account and then allow users to sign in either with ldap or directly. It could be implemented to do this but it is not currently possible. If its important to you and you would like to sponsor making this possible I could investigate what it will take and give you an estimate but I would want to better understand why you want to do this.

Hope it helps,

Joe