[2.0] Limitation Filter not working

[jwtoler]

I can not get the limitation filter working I even tried putting the example given in my config file (knowing it should fail) and it still logs the user in. Also even though I have bind model to user set as false it still inserts a user into my users table when authenticating.

This is how I have the limitation filter w/ the example (it should be failing since the group is all wrong):

'limitation_filter' => '(memberof:1.2.840.113556.1.4.1941:=CN=MyGroup,DC=example,DC=com)',

AuthController:

$credentials = $request->only('username', 'password');
if (Auth::attempt($credentials)) {
       return redirect()->intended('home');
}

[stevebauman]

Is your configuration being cached?

Also even though I have bind model to user set as false it still inserts a user into my users table when authenticating.

Thats not what this option controls, that's actually the adldap auth driver, it will always create a new user record for LDAP users logging in who do not have an account.

[jwtoler]

I cleared my cache and it is still doing this. If I type the incorrect password it kicks me back to the login so I know that is working. Typing the correct credentials takes me past the login screen but with that limitation filter it should be kicking me out right? The CN and DC doesn't even match my base DN.

[stevebauman]

Yup you're right, the newAdldapUserQuery() method is being overridden by a local class method. Can't believe I missed this. Thanks!

https://github.com/Adldap2/Adldap2-Laravel/blob/master/src/AdldapAuthUserProvider.php#L245

This is the overridden trait method that applies the raw filter:

https://github.com/Adldap2/Adldap2-Laravel/blob/master/src/Traits/ImportsUsers.php#L207

Fixing now.

[stevebauman]

Fixed: 80b6f9c

Please update to v2.0.4, thanks for bringing this up!