Fix #522: Ldap bind-dn and bind-pwd are required even for non group authentication.

[bhataprameya]

      - AUTH_TYPE=ldap
      - LDAP_METHOD=simple
      - LDAP_URL=ldap://ldap:389
      - LDAP_BASE_DN=DC=example,DC=org
      - LDAP_USER_TEMPLATE=uid=%s,%s

Just giving the above configs won't work because even if the base-dn and user-attr-template in LDAP group search config is always picked up from the parent level if not specified. (https://github.com/lmenezes/cerebro/blob/v0.9.4/app/controllers/auth/ldap/LDAPAuthConfig.scala#L24)
(https://github.com/lmenezes/cerebro/blob/v0.9.4/app/controllers/auth/ldap/LDAPAuthConfig.scala#L26)

this causes the LDAP group search config to Nonempty causing line 63 to execute always instead of line 64.

FIX: Removed LDAP config inheriting from the parent level

[moliware]

The desired workflow would be:

• If LDAP_GROUP is unset then check user auth (line 64)
• if LDAP_GROUP is set then check user auth and group membership.

I don't see a problem on inherit base-dn and user-attr-template from parent. I see problematic that group membership is test and LDAP_GROUP is not set.

Could you confirm that LDAP_GROUP was unset when you did the test?

Thank you!!

[bhataprameya]

The desired workflow would be:

• If LDAP_GROUP is unset then check user auth (line 64)
• if LDAP_GROUP is set then check user auth and group membership.

I don't see a problem on inherit base-dn and user-attr-template from parent. I see problematic that group membership is test and LDAP_GROUP is not set.

Could you confirm that LDAP_GROUP was unset when you did the test?

Thank you!!

Yes, LDAP_GROUP is unset.

please try this docker-compose file with version 0.9.4 : https://github.com/lmenezes/cerebro/blob/main/examples/open_ldap/docker-compose.yml
you will see that it fails with Missing required setting [bind-dn]