On Wed, 30 Mar 2005 14:03:49 -0500 John Peacock <jpeacock@rowman.com> wrote:
Gerald V. Livingston II wrote:
What I don't understand is -- all usernames in my test database are stored in lower case -- shouldn't it simply fail to match and cause the login to fail? Can anyone point out how to force the match to be case sensitive?
If you are using MySQL, all string comparisons are case insensitive by default.
To make username case sensitive at login so it fails if it doesn't match what's in your database change this in your dovecot-mysql.conf:
password_query = SELECT password FROM mailbox WHERE username = BINARY '%u'
NOTE: this means that you have to make sure ALL database entries are in the case you want used. This just makes login FAIL if the username does not match EXACTLY what is stored in the database.
Now, it would be nice to be able to CONVERT username case to lower-case before checking against the database and remove the exact match criteria. this would avoid my having to explain to customers that they have to log in using all lower case but can, in fact, put mixed case in the "email address" and "reply to" field of their email clients. It would also avoid the occasional problem I know I'll have with techs entering new customer email addresses exactly as they request them, case and all. PostFix uses lower case on delivery (or else it delivers to the "closest match" -- haven't done full testing yet -- my install of postfix.admin seems to convert to lower before writing new info to the database so I'll have to create an uppercase user by hand).
It would be "nicer" though if Dovecot converted all username input to lower case before authenticating to maintain uniqueness of email addresses.
No, it should be a configurable option, since some sites would want that and others wouldn't...
You are correct of course. It's just that with the introduction of M$ clients to the internet case sensitive "usernames" got FUBARd many years ago. My first linux machines had several logins that I used for different purposes. Gerald, geralD, GERALD, etc. They each had different 'sudo' rights for certain system maintenance rights. When I got "net-connected" with Liux I got out of that habit.
Gerald