I think this is really a directory issue. Many LDAP attributes (e.g.
uid, cn, ou, c) are defined by the relevant LDAP schema to be
case-insensitive. For example, uid=rune,o=mycompany and
uid=Rune,o=mycompany are just two ways of representing the same
distinguished name; a search for uid=Rune will find the same entries as
one for uid=rune.
In theory, you could choose an LDAP attribute that is case-sensitive to
hold the username (you might have to define a suitable attribute).
However, note that with OpenLDAP 2.0.x the matching rule for attributes
values is ignored when comparing DNs, so that probably still won't work.
This problem is said to be fixed in 2.1.x.
John.
Rune Hamnvik wrote:
> Hello
> We are using JNDIRealm together with OpenLDAP to implement
> authentication/authorization on Tomcat 4.0.4. But, we have one problem.
> JNDIRealm seems to ignore case in the username. A user with username rune
> can log in with both rune and Rune, but we use the username of the logged in
> user several other places. For instance, we use the remote user to connect
> to a POP3 server and to search i a database.
>
> Is it possible to configure the JNDIRealm to not ignore case in the
> username, or do we have to live with it ?
>
> Rune Hamnvik
> Mobinor AS
> Norway
>
>
> --
> To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
|