This is what I did for our JDBC realm....forced uppercase with javascript on the alphan-numeric user id. Then the password was whatever they made it, even though it was case sensitive.
Trying to figure out what the good of making passwords case-insensitive would be. Purpose-defeating at best it seems. -----Original Message----- From: Gregor Schneider [mailto:rc4...@googlemail.com] Sent: Sunday, February 22, 2009 3:12 PM To: Tomcat Users List Subject: Re: Authenticating Users To the OP: 1. May I ask what database it is you're using? 2- I'd go for the following solution: Create a JSP-page accepting the credentials. The username should be converted to uppercase. The password should be left as is so that case-sensivity here is maintained. Don't know if I'm missing something, but to me that looks like a walk in the park. Rgds Gregor -- just because your paranoid, doesn't mean they're not after you... gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2 gpgp-key available @ http://pgpkeys.pca.dfn.de:11371 --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org