authentication sources: sponsor rule should not match when login in admin

[nqb]

When you try to logon on Web Admin, if your user matches a source with a "Mark as sponsor" rule before an "Access level" rule, you can't logon to Web Admin.

The opposite has been fixed in #1858.

Steps to reproduce:

• Use following authentication.conf:

[AD_User_auth_sponsor]
cache_match=0
read_timeout=10
realms=
password=**removed**
scope=sub
binddn=**removed**
port=389
description=User Auth for sponsor
write_timeout=5
type=AD
basedn=**removed**
monitor=1
set_access_level_action=
shuffle=0
email_attribute=mail
usernameattribute=sAMAccountName
connection_timeout=5
encryption=none
host=**removed**

[AD_User_auth_sponsor rule sponsoring]
action0=mark_as_sponsor=1
condition0=primaryGroupID,equals,513
match=all
class=administration
description=marks user as sponsor

[AD_User_auth_admin]
cache_match=0
read_timeout=10
realms=
password=**removed**
scope=sub
binddn=**removed**
port=389
description=User Auth for admin
write_timeout=5
type=AD
basedn=**removed**
monitor=1
set_access_level_action=
shuffle=0
email_attribute=mail
usernameattribute=sAMAccountName
connection_timeout=5
encryption=none
host=**removed**

[AD_User_auth_admin rule admin_pf]
action0=set_access_level=ALL
condition0=primaryGroupID,equals,1013
match=all
class=administration
description=gives admin access to pf GUI

• Try to logon on Web Admin
• Check log
  => You will see that AD_User_auth_sponsor rule will match before AD_User_auth_admin rule.

Expected result(s): sponsor rule should not match when login in Web Admin.

[nqb]

I close this issue because I discover other unexpected results during my tests : I will open an issue related to sponsor and admin access through admin rules.