X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FAuthentication%2FStore%2FLDAP%2FBackend.pm;h=d26b629814e3a4e998c7cdadbbe893e8c89fb827;hb=5772b468e2ba710b207bd18ae0b201ca8edb45e1;hp=b7b17a7efb1386011d3eaee62909a5c2c1df60e7;hpb=89e899b3685e6a4a8155171041e03d109305adc3;p=catagits%2FCatalyst-Authentication-Store-LDAP.git

diff --git a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
index b7b17a7..d26b629 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
@@ -314,8 +314,11 @@ sub lookup_user {
 
     # a little extra sanity check with the 'eq' since LDAP already
     # says it matches.
+    # NOTE that Net::LDAP returns exactly what you asked for, but
+    # because LDAP is often case insensitive, FoO can match foo
+    # and so we normalize with lc().
     if ( defined($entry) ) {
-        unless ( $entry->get_value($user_field) eq $id ) {
+        unless ( lc( $entry->get_value($user_field) ) eq lc($id) ) {
             Catalyst::Exception->throw(
                 "LDAP claims '$user_field' equals '$id' but results entry does not match."
             );