Index: app/models/auth_source_ldap.rb =================================================================== --- app/models/auth_source_ldap.rb (revision 5657) +++ app/models/auth_source_ldap.rb (working copy) @@ -21,7 +21,7 @@ class AuthSourceLdap < AuthSource validates_presence_of :host, :port, :attr_login validates_length_of :name, :host, :maximum => 60, :allow_nil => true - validates_length_of :account, :account_password, :base_dn, :maximum => 255, :allow_nil => true + validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_nil => true validates_length_of :attr_login, :attr_firstname, :attr_lastname, :attr_mail, :maximum => 30, :allow_nil => true validates_numericality_of :port, :only_integer => true @@ -104,10 +104,22 @@ ldap_con = initialize_ldap_con(self.account, self.account_password) login_filter = Net::LDAP::Filter.eq( self.attr_login, login ) object_filter = Net::LDAP::Filter.eq( "objectClass", "*" ) + + filter = login_filter & object_filter + if not self.filter.blank? + begin + custom_filter = Net::LDAP::Filter.construct( self.filter ) + filter = filter & custom_filter + rescue Net::LDAP::LdapError => e + logger.error "Error during authentication: #{e.message}" + return nil + end + end + attrs = {} ldap_con.search( :base => self.base_dn, - :filter => object_filter & login_filter, + :filter => filter, :attributes=> search_attributes) do |entry| if onthefly_register? Index: app/views/ldap_auth_sources/_form.rhtml =================================================================== --- app/views/ldap_auth_sources/_form.rhtml (revision 5657) +++ app/views/ldap_auth_sources/_form.rhtml (working copy) @@ -23,6 +23,9 @@
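Review bot: The custom filter is parsed only on the search path (the `Net::LDAP::Filter.construct( self.filter )` call in the second hunk), so a malformed value saved through the admin form is not discovered until the first login. From then on every authentication against this source is refused, and the only signal is a log line that does not name the auth source. Returning nil instead of falling back to the unfiltered search is the right failure direction, because a broken restriction must not silently widen who can log in. The syntax check should also run at save time, next to the length validation changed in the first hunk, as sketched below. The enclosing method starts and ends outside the hunk, so confirm there that callers treat a nil return like "user not found".

```ruby
validates_length_of :account, :account_password, :base_dn, :filter, :maximum => 255, :allow_nil => true
validate :validate_filter

# ... unchanged: remaining validations and callbacks ...

# Reject an unparsable LDAP filter when the auth source is saved,
# instead of discovering it on the first login attempt.
def validate_filter
  return if filter.blank?
  Net::LDAP::Filter.construct(filter)
rescue Net::LDAP::LdapError
  errors.add(:filter, :invalid)
end
```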

<%= text_field 'auth_source', 'base_dn', :size => 60 %>

+

+<%= text_field 'auth_source', 'filter', :size => 60 %>

+

<%= check_box 'auth_source', 'onthefly_register' %>

Index: db/migrate/001_setup.rb
===================================================================
--- db/migrate/001_setup.rb (revision 5657)
+++ db/migrate/001_setup.rb (working copy)
@@ -43,6 +43,7 @@
 t.column "account", :string, :limit => 60
 t.column "account_password", :string, :limit => 60
 t.column "base_dn", :string, :limit => 255
+ t.column "filter", :string, :limit => 255
 t.column "attr_login", :string, :limit => 30
 t.column "attr_firstname", :string, :limit => 30
 t.column "attr_lastname", :string, :limit => 30
Index: db/migrate/20110505224753_add_filter_to_auth_sources.rb
===================================================================
--- db/migrate/20110505224753_add_filter_to_auth_sources.rb (revision 0)
+++ db/migrate/20110505224753_add_filter_to_auth_sources.rb (revision 0)
@@ -0,0 +1,10 @@
+class AddFilterToAuthSources < ActiveRecord::Migration
+ def self.up
+ add_column :auth_sources, :filter, :string, :limit => 255
+ end
+
+ def self.down
+ remove_column :auth_sources, :filter
+ end
+end
+
Index: config/locales/en.yml
===================================================================
--- config/locales/en.yml (revision 5657)
+++ config/locales/en.yml (working copy)
@@ -265,6 +265,7 @@
 field_port: Port
 field_account: Account
 field_base_dn: Base DN
+ field_filter: Filter
 field_attr_login: Login attribute
 field_attr_firstname: Firstname attribute
 field_attr_lastname: Lastname attribute
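Review bot: The `filter` column is created twice on a fresh install: the `001_setup.rb` hunk adds `t.column "filter", :string, :limit => 255` to what appears to be the auth_sources table definition (the `create_table` line is outside the hunk), and the new `20110505224753_add_filter_to_auth_sources.rb` migration then runs `add_column :auth_sources, :filter, :string, :limit => 255` against a table that already has it. Existing installations never re-run `001_setup.rb`, so the edit there gives them nothing, while a new database built from the edited setup migration would be expected to fail on the duplicate column. Drop the added line from `001_setup.rb` and keep the dedicated migration as the single place where the column is introduced.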