Justin Erenkrantz wrote:
Why should we diverge based on the server's platform? -- justin
+1; this is a huge concern. I agree with others that the option to flip to a case-insensitive username is nice, I don't think it's an admin control (or shouldn't be tested as the admin control). It should probably be populated by the auth mechanism itself, which will know if it did a case insensitive compare, or a case insensitive lookup from NIS or SQL etc. So... * if there is a user flag to allow case insensitive user names, that must be a directive at the auth provider * the auth provider needs to tag the username identified as either case sensitive or case sensitive, for later providers such as group lookups to behave properly.