Fix usernames being case sensitive

mgaffigan · mgaffigan · commit 141750bb4ebc · 2025-11-26T12:40:10.000-06:00
Signed-off-by: Mitch Gaffigan &lt;mitch.gaffigan@comcast.net&gt;
diff --git a/server/dbconf/derby/derby-user.xml b/server/dbconf/derby/derby-user.xml
@@ -33,7 +33,7 @@
 		FROM PERSON
 		<where>
          	<if test='id != null'>ID = #{id}</if>
-         	<if test='username != null'>AND USERNAME = #{username}</if>
+         	<if test='username != null'>AND LOWER(USERNAME) = LOWER(#{username})</if>
       	</where>
 	</select>
 
diff --git a/server/dbconf/oracle/oracle-user.xml b/server/dbconf/oracle/oracle-user.xml
@@ -33,7 +33,7 @@
 		FROM PERSON
 		<where>
 			<if test="id != null">ID = #{id}</if>
-			<if test="username != null">AND USERNAME = #{username}</if>
+			<if test="username != null">AND LOWER(USERNAME) = LOWER(#{username})</if>
 		</where>
 	</select>
 
diff --git a/server/dbconf/postgres/postgres-user.xml b/server/dbconf/postgres/postgres-user.xml
@@ -29,7 +29,7 @@
 		FROM PERSON
 		<where>
          <if test='id != null'>AND ID = #{id}</if>
-         <if test='username != null'>AND USERNAME = #{username}</if>
+         <if test='username != null'>AND LOWER(USERNAME) = LOWER(#{username})</if>
       </where>
 	  </select>
    <select id='getUserCredentials'
diff --git a/server/src/com/mirth/connect/server/controllers/DefaultUserController.java b/server/src/com/mirth/connect/server/controllers/DefaultUserController.java
@@ -333,7 +333,7 @@ public LoginStatus authorizeUser(String username, String plainPassword, String s
                     if (loginRequirementsChecker.isPasswordExpired(passwordTime, currentTime)) {
                         // Let 0 be infinite grace period, -1 be no grace period
                         if (passwordRequirements.getGracePeriod() == 0) {
-                            loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS_GRACE_PERIOD, "Your password has expired. Please change your password now.");
+                            loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS_GRACE_PERIOD, "Your password has expired. Please change your password now.", validUser.getUsername());
                         } else if (passwordRequirements.getGracePeriod() > 0) {
                             // If there has never been a grace time, start it now
                             long gracePeriodStartTime;
@@ -351,7 +351,7 @@ public LoginStatus authorizeUser(String username, String plainPassword, String s
 
                             long graceTimeRemaining = loginRequirementsChecker.getGraceTimeRemaining(gracePeriodStartTime, currentTime);
                             if (graceTimeRemaining > 0) {
-                                loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS_GRACE_PERIOD, "Your password has expired. You are required to change your password in the next " + loginRequirementsChecker.getPrintableGraceTimeRemaining(graceTimeRemaining) + ".");
+                                loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS_GRACE_PERIOD, "Your password has expired. You are required to change your password in the next " + loginRequirementsChecker.getPrintableGraceTimeRemaining(graceTimeRemaining) + ".", validUser.getUsername());
                             }
                         }
 
@@ -374,7 +374,7 @@ public LoginStatus authorizeUser(String username, String plainPassword, String s
 
                 // If nothing failed (loginStatus != null), set SUCCESS now
                 if (loginStatus == null) {
-                    loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS, "");
+                    loginStatus = new LoginStatus(LoginStatus.Status.SUCCESS, "", validUser.getUsername());
 
                     // Clear the user's grace period if one exists
                     if (validUser.getGracePeriodStart() != null) {
