From: Peter Karman <perl@peknet.com>
Date: Tue, 9 Sep 2008 21:06:44 +0000 (+0000)
Subject: fix rt bug 339113
X-Git-Tag: v0.1003~4
X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=5772b468e2ba710b207bd18ae0b201ca8edb45e1;p=catagits%2FCatalyst-Authentication-Store-LDAP.git

fix rt bug 339113
---

diff --git a/Changes b/Changes
index d7cdb60..21e156b 100644
--- a/Changes
+++ b/Changes
@@ -1,6 +1,8 @@
 0.1003 xxxx
     - get entries in array context rather than scalar context, 
       allowing for multiple values. patch by scpham.
+    - lc() to compare Net::LDAP results with supplied $id
+      bug reported via RT #39113
 
 
 0.1002  9 July 2008
diff --git a/META.yml b/META.yml
index b1fc9ee..f94a169 100644
--- a/META.yml
+++ b/META.yml
@@ -19,4 +19,4 @@ no_index:
 requires: 
   Catalyst::Plugin::Authentication: 0.10003
   Net::LDAP: 0
-version: 0.1002
+version: 0.1003_01
diff --git a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
index b7b17a7..d26b629 100644
--- a/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
+++ b/lib/Catalyst/Authentication/Store/LDAP/Backend.pm
@@ -314,8 +314,11 @@ sub lookup_user {
 
     # a little extra sanity check with the 'eq' since LDAP already
     # says it matches.
+    # NOTE that Net::LDAP returns exactly what you asked for, but
+    # because LDAP is often case insensitive, FoO can match foo
+    # and so we normalize with lc().
     if ( defined($entry) ) {
-        unless ( $entry->get_value($user_field) eq $id ) {
+        unless ( lc( $entry->get_value($user_field) ) eq lc($id) ) {
             Catalyst::Exception->throw(
                 "LDAP claims '$user_field' equals '$id' but results entry does not match."
             );