Hi,

Could you add an login option, to enable the case sensitive ?

In the files "LdapServer.class.php" ligne 362, just need to add ":caseExactMatch:" like this:
$filter = '('. $this->user_attr . ':caseExactMatch:=' . $ldap_username . ')';

Thanks

Comments

johnbarclay’s picture

Title: Login case sensitive » LDAP Authentication: Login case sensitive
Version: 7.x-1.0-beta5 » 7.x-1.x-dev
Status: Active » Postponed (maintainer needs more info)

Is the caseExactMatch:= attribute a general ldap standard, or specific to a specific implementation? Since drupal doesn't use case sensitivity in its user names, this has some usability issues if 2 users have the same username with different cases. Can you explain your use case a little? Thanks. Would be fairly simple to do.

sir_squall’s picture

Hi,

The ":caseExactMatch:" match is a ldap standard option, you can look the rfc : http://tools.ietf.org/html/rfc3698#section-2.2

The case is simple, drupal is casesensitive on user login, and your query is not, is for that it will be nice if you implement an option for that.

Thanks

johnbarclay’s picture

Drupal handles usernames inconsistently as far as case sensitivity.

- won't allow the same username with different case in account creation
- preserves case in users.name field in database
- on logon, mixed or lowercase results will yield same results regardless of case stored in users.name

So I don't see how the ldap module can work with ldap derived usernames that are case sensitive. This is a simple thing to implement, I just don't see the use case. And without a use case its just more UI clutter and code to maintain.

sir_squall’s picture

The case is if a user for exemple "jean" exist in the ldap, and he first login in drupal with "Jean" with the first in upper case.
Your module ldap_autorization, file "ldap_autorization.inc" ligne: 394 , try to match the user "Jean" on the ldap but he can't find this user because he don't exist (in the ldap the user is "jean" in lower case), then your module can't match his role.

If you put the caseExactMatch:, we don't have this error, because the user drupal is equal to the user on the ldap, and your module can retreive his role information, is for that I have proposed this attribute.

johnbarclay’s picture

If I understand you correctly, simply using caseIgnoreMatch by default and not giving any configuration options in the U.I. should accomplish the same result?

sir_squall’s picture

Yes you can do this, using caseIgnoreMatch by default, accomplish the same result.

verta’s picture

Subscribing

johnbarclay’s picture

Version: 7.x-1.x-dev » 7.x-2.x-dev
larowlan’s picture

Issue summary: View changes
Status: Postponed (maintainer needs more info) » Closed (outdated)

>12 months without an update