Dear All, first of all, thank you a lot for providing Shiro, which we use to authenticate and authorize against Active Directory.
Unfortunately one of our clients uses case sensitive spelling for the definition of the MAIL attribute, e.g. [email protected] When the user logs-on to our application with exactly that spelling, we will confirm all the assigned roles according to the MEMBEROF attribute. However, when any different upper-case or lower-case spelling is used (like [email protected]), we can authenticate the user, but we fail to get the roles. What looks like a minor issue is a maintenance nightmare, because the user did everything correct (username/password has been accepted), the AD admins did everything correct, we do not see any error -- but still the user does not get authorized. Is there any way to: a) switch of case-sensitivity for the authorization and/or (role will be found case-insensitive) b) make it consistent with the authentication (either case sensitive or case-insensitive). Thank you all in advance and cheers Andreas
