Defect #2473

Login and mail should not be case sensitive

Added by Teddy L over 1 year ago. Updated 2 months ago.

Status:Closed Start:2009-01-08
Priority:High Due date:
Assigned to:Eric Davis % Done:

100%
Category:Accounts
Target version:1.0.0 (RC)
Affected version:0.8.0 Resolution:Fixed

Description

Actually, uniqueness tests on login and mail fields are case sensitive, so you can have many accounts with same login and/or mail. And the "=" statement isn't case sensitive for strings on all databases, the method find_by_login need a fix to be case insensitive like find_by_mail.

For example, when i use Redmine with sqlite3, there are sides effects with "On the fly" ldap acounts creation and with SVN users automatic assignement because of find_by_login matching "login" with "login" but not "login" with "Login" ...

user_rb.patch - Patch file for user.rb generated by TortoiseSVN 1.5.6 (1.6 KB) Teddy L, 2009-01-08 21:24

redmine-0.9-stable-r3695-login_case_insensitive.patch - Case insensitive login patch for the Redmine 0.9-stable (1.2 KB) Stanislav German-Evtushenko, 2010-04-29 13:25

Related issues

related to Patch #4732: Make login case-insensitive also for PostgreSQL Closed 2010-02-03
duplicated by Feature #2330: Option for able to turn on case insensitive login Closed 2008-12-12

Associated revisions

Revision 2253
Added by Jean-Philippe Lang over 1 year ago

Makes email adress uniqueness case-insensitive (#2473).

Revision 3807
Added by Eric Davis 2 months ago

Change User#login to be case-insensitive. #2473

This change also overrides User#find_by_login to give priority to exact
matches in the login.

Contributed by Greg Mefford

Revision 3813
Added by Eric Davis 2 months ago

Force string comparison for login search to be case sensitive on MySQL. #2473

Contributed by Holger Just.

History

Updated by Stanislav German-Evtushenko over 1 year ago

Duplicate #2330

Updated by Tony Arnold over 1 year ago

Is this patch going to be included in the core redmine product? We're having problems with our LDAP logins at present - we treat usernames as being case-insensitive, however redmine currently does not.

Updated by Stanislav German-Evtushenko 9 months ago

Tony Arnold wrote:

Is this patch going to be included in the core redmine product? We're having problems with our LDAP logins at present - we treat usernames as being case-insensitive, however redmine currently does not.

It will be great if it's included in redmine. We have the same problem.

Updated by Stanislav German-Evtushenko 8 months ago

Teddy L wrote:

Actually, uniqueness tests on login and mail fields are case sensitive, so you can have many accounts with same login and/or mail. And the "=" statement isn't case sensitive for strings on all databases, the method find_by_login need a fix to be case insensitive like find_by_mail.

For example, when i use Redmine with sqlite3, there are sides effects with "On the fly" ldap acounts creation and with SVN users automatic assignement because of find_by_login matching "login" with "login" but not "login" with "Login" ...

Thank you, Teddy! Your patch works with 0.8-stable!

Updated by Marcel Waldvogel 4 months ago

Patch #4732 addresses the same problem, but there at least PostgreSQL and MySQL should use the index instead of a table scan.

Dear maintainers: Please do include one of those fixes!

Updated by Eric Voisard 4 months ago

Just a comment: In the SMTP point of view, the local part of email addresses IS case-sensitive (RFC821, RFC822, RFC2821). is not the same mailbox as . Don't you think considering email addresses as case insensitive could have some undesired side effects?...

Updated by Felix Schäfer 2 months ago

  • Target version set to 1.0.0 (RC)

Updated by Eric Davis 2 months ago

  • Status changed from New to Closed
  • Assigned to set to Eric Davis
  • % Done changed from 0 to 100
  • Resolution set to Fixed

I've committed a patch by Greg Mefford that makes the user login's case insensitive (r3807).

Also available in: Atom PDF