Resurrecting this thread. . .
I think I'm misunderstanding where we landed on this issue. On the one hand, it seems like there are tests to assert that uniqueness of names is case-sensitive. On the other, some folks have identified reasons why they would want case-insensitivity on uniqueness checks for creating new users. Still others I think have wisely pointed out that we should probably get out of the business of creating users. Trying to incorporate all of these perspectives, I propose the following: 1) We add a configuration option to just the keystone sql identity driver to force case-sensitivity on uniqueness checks. I'm pretty sure there is a way to do this in sqlalchemy, basically whatever is equivalent to 'SELECT * FROM user WHERE BINARY name = %s'. This config option would only affect create_user and update_user. 2) We always force case-sensitive comparison for get_user_by_name, using a similar mechanism as above. By focusing on changes to queries we needn't bother with a migration and can make the behavior a deployer choice. Is this a bad goal or approach? IANADBA, markwash
_______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
