Regarding the impossibility of password case-insensitivity, I only meant
that it would be impossible to do it for ALL AuthBy types, since some of
them (at least one) are one-way encrypted. Certainly it could be done with
some of them.
Anyways, I see your problem with the case thing. The rewrite handles the
right side of your comparison, but gah! the left side is tough. AuthCDB ties
a hash to the cdb file, of course, with the unfortunate side effect that all
of the case-sensitivity is internal to perl. That is, hash keys are case
sensitive and there's not much you can do about it (short of building a
hacked perl - hehe). I don't see any way around scrubbing the file and
making sure that all present and future user names are downcased in the cdb
itself, then letting RewriteUsername catch the matches. :(
Well, you *could* rewrite AuthCDB, but the performance hit that would be
involved in accessing it any other way would be enormous (you'd have to roll
through the whole CDB looking for matches instead of taking advantage of a
nice fast hash). But I digress....
Mike Nerone <mailto:[EMAIL PROTECTED]>
Network Operations Manager
Internet Direct, Inc. <http://www.idworld.net/>
> -----Original Message-----
> From: Dave Kitabjian [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, March 08, 2000 3:09 PM
> To: [EMAIL PROTECTED]
> Cc: 'Mike Nerone'
> Subject: RE: (RADIATOR) How to make username case-INsensitive?
>
>
> Thank you both for your replies.
>
> RewriteUsername would work fine except for one major problem: I
> don't know
> the case of the username as stored in the database. Names are entered
> automatically by customer request software (ie, the CD our ISP ships out).
>
> Regarding that it would be "impossible", I'm not convinced of
> that yet. I'm
> not sure how the various AuthBy algorithms work, but in SQL, for example,
> you'd simply do:
>
> SELECT username
> FROM Accounts
> WHERE LOWER(username) = LOWER(User-Name)
>
> In otherwords, compare the lower (or upper) case variety of each for
> matches. That is the functionality that I'm seeking. Otherwise, I'm going
> to have to clean all our existing data, and then implement some code to
> intercept all db entries and convert them to lower case. I was hoping to
> avoid that mess.
>
> Dave
>
> On Wednesday, March 08, 2000 3:30 PM, Mike Nerone
> [SMTP:[EMAIL PROTECTED]] wrote:
> > All you need is to add a line to your config file, such as:
> >
> > RewriteUsername tr/A-Z/a-z/
> >
> > This example is given in the Radiator docs. As far as the
> IgnorePasswordCase
> > thing, that would be really tough (read "impossible") to do in a
> consistent
> > way, because, for example, when authorizing by the Unix passwd file, you
> > don't know how the case of the stored, encrypted password. You'd have to
> > literally try every possible upper/lowercase combination exhaustively
> before
> > giving up. Besides, as an security-concious admin, I would say that
> > passwords SHOULD be case-sensitive.
> >
> > Mike Nerone <mailto:[EMAIL PROTECTED]>
> > Network Operations Manager
> > Internet Direct, Inc. <http://www.idworld.net/>
> >
> >
> > > -----Original Message-----
> > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> > > Behalf Of Dave Kitabjian
> > > Sent: Wednesday, March 08, 2000 12:22 PM
> > > To: [EMAIL PROTECTED]
> > > Subject: (RADIATOR) How to make username case-INsensitive?
> > >
> > >
> > > I thought this would be a FAQ, but I can't seem to find it addressed
> > > anywhere.
> > >
> > > The subject says it all. I'm using AuthBy=CDB, and I want to simply
> allow
> > > case-errors in the username (not the password) to be permitted. We are
> > > about to switch it live, and since our current radius, RadiusNT, is
> > > case-insensitive for the username, I'm afraid I will anger lots of
> > > customers when I switch over to Radiator.
> > >
> > > I assumed there would be a common AuthBy setting such as
> > > IgnoreUsernameCase
> > > and IgnorePasswordCase, but I didn't see any.
> > >
> > > Thanks in advance for the help!
> > >
> > > Dave
> > >
> > > ===
> > > Archive at http://www.starport.net/~radiator/
> > > To unsubscribe, email '[EMAIL PROTECTED]' with
> > > 'unsubscribe radiator' in the body of the message.
> > >
> >
>
===
Archive at http://www.starport.net/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
