Hi Daniel! Daniel-Constantin Mierla wrote: Yes it is postgres but AFAIK SQL queries are per default always case sensitive. Here is the query from avp_db_load when the SIP request has sip:KLAUS.darilion@example.com in the From URI: select value,attribute,type from conference_extension where username='KLAUS.darilion' AND domain='example.com' AND attribute='106' As you see it is "username='string'" and a "=" comparison is case sensitive. For example in registrar module there is a module parameter for case insensitive lookups which will convert the strings into lower case for all SQL queries. The problem is also with dbaliases module: if a user calls John.Doe@domain instead of john.doe@domain (which is the alias) it won't work: select username,domain from dbaliases where alias_username='JohnDoe' AND alias_domain='example.com' As you see the keys used by dbaliases module are the RURI. I think the only solution would be to have a case_sensitive parameter (like in registrar module) in all relevant modules. What do you think? regards klaus

Juha Heinanen wrote: You are right. I've tested it and mysql indeed compares case insensitive. In postgresql you have to use ILIKE for case insensitive string comparison. Any ideas how we can make this consistent for openser? regards klaus

At 12:52 19/10/2007, Daniel-Constantin Mierla wrote: What I consider a proper behaviour is 1) getting usernames into a normalized string form (%-escapes, upper/lower-case, local naming policies, internatilization, ettc., etc.) - failure not to do so is likely to result in mismatch 2) translation of normaized names into unambiguous unique ids - failure to do is is likely to caused difficulties with aliases (domain aliases, user aliases, combination of both) 3) doing subsequent operations using ids. See above inline for what happens when you do it other ways. In any case that's how unambiguous behaviour shall be achieved in a "water-proof" way. looking up user data by his username as opposed to by id is just very poor idea, let's face it. (those familiar with unix may find too that usernames are used as input/output user-interface thing, but the OS actually operates over numbers) The funny part is that getting things right is apparently not a big deal in this case, but getting it wrong can cause big headaches. I am not sure though what of it is coding and what of it is configuration thing in openser, I'm sure some will know. -jiri -- Jiri Kuthan http://iptel.org/~jiri/

At 16:37 19/10/2007, Klaus Darilion wrote: Yes. Partially, that's domain policy (such as ignoring case or not), partialy that's protocol thing (e.g. escape codes) Still, it is just the step one which deal with letter canonization, in the next level canonization of the whole names is due. Not sure what you mean -- a function like bring_to_lowercase($uri.username) .... it may be actually reasonable to bring this canonization step in scripting as opposed in some module parameters (I generally like a more explicite way of expressing the policy). Anyhow -- just to solve your specific mini-problem, it would be worth looking if there is a case-sensitive option in usrloc/registrar in openser. It used to be in SER and chance is good openser has inherited in. In SER the option was removed from registrars/usrloc since they operate over IDs and URI->id functions are today hirdwired case-insensitive, even though it is not the best reflection of it being actually a subject to administrative policy. I would favor doing it out of script as you suggest better. -jiri -- Jiri Kuthan http://iptel.org/~jiri/

Jiri Kuthan wrote: I don't understand why username@domain is not unique enough? According to RFC 3261 section 19.1.4, SIP usernames are case sensitive, so you actually shouldn't convert them to upper/lower-case. And user/domain aliases is a different issue since it always involves some kind of alias mapping lookup. /Christian

Norman Brandinger wrote: Hi Norman! This way I can make MYsql case sensitive. Do you also know a trick to make postgresql case insensitive? regards klaus

At 17:34 19/10/2007, Christian Schlatter wrote: sometimes it is christian(a)domain.com, sometimes christian.schlatter(a)domain.com, sometimes it is christian.schlatter@.domain.org or even worse you can take your spouses' name and from day D you begin to be christian.blair(a)domain.org, and your company gets acquired and you become christian.blair(a)oracle.com. (Which clients without DNS/SRV can try to reach as christian.blair(a)sip.oracle.com, and those who pay extra respect to you using capital letters as Christian.Blair(a)sip.oracle.com) The implication to sanity of data in usrloc, accounting and other tables is immense if you don't bring those to a common denominator. Any change to any name becomes a real pain. The point is names do changes, use of numbers is designed to make relations between tables invariable. That's a protocol thing. An example implication is that you shall not forward SIP request to other domains whilst changing the URI. However, if you are processing a request for your domain, you own the username and the way you process it is subject to your policy. You can use an LDAP alias to expand to other URI, you can do call-forwarding by rewriting the URI to something completely else, you can expand a speed-dial to a full URI, you can do anything you desire with the username you own. I personally prefer to ignore case, but the key point is you are allowed to and should set a coherent policy on how you deal with names. That's the separate things following the same scheme indeed. If you don't want to do a data migration story on any name change, use IDs, for example UUIDs. -jiri

Christian Schlatter schrieb: Hi Christian! Is LDAP case sensitive? regards klaus

At 18:46 19/10/2007, Christian Schlatter wrote: yes. Well, I have though of it from SER angle with mysql usage and can't easily relieve myself from that viewpoint and may be a bit confused too -- how do you think a database-centric model would look like? I understand that for example the case-sensitive bit can be set as part of DB scheme definition -- is that the kind of things you have on your mind? In which case a counter-argument would be, that case-sensitiviness is a matter of local policy (i.e. app) which is more dynamic (e.g. per-domain) than schema definition is. How would a DB-specific way of dealing with things handle multiple aliases? (cs|christian|....)? If that's it, what is the division line between app's and databases responsibility? I'm not sure what it means it doesn't care.... who does resolve aliases for users (cristian|cs) and domains (.net|.com) so that whatever comes out of it can be matched to for example accounting data? who take care of case-sensitivness? Actually what is "identity managment" -- it became a bit too popular expresssion so that its meaning is a bit fluid to me... anyhow, I will be thankful for any hints. Identity is indeed very important. It is actually a reasonable policy (at least from my POV), but a policy should not be hardwired in code. -jiri

At 18:33 19/10/2007, Klaus Darilion wrote: Just to make it clear -- that's not an RFC3261 bug -- the interop reasoning is you can't change things you don't "own", what you do about your own stuff nobody cares. You can't forward a(a)other.domain to other domain as A(a)other.domain because you don't know if the other domain is case-sensitive or not. If you translare klaus.darilion to kd or KD or whatever localy, you don't conflict with the RFC -- making URIs more "accurate" to get them to the proper recepient is the key role of a proxy server. -jiri -- Jiri Kuthan http://iptel.org/~jiri/

At 16:34 19/10/2007, Klaus Darilion wrote: Not sure what the openser's best recommended way is, but a short look at the data structures tells me that the ID is part of the subscribers structure... subscriber.xml: <column id="id"> <name>id</name> <type>unsigned int</type> So it is just about looking at the manuals where the lookup is actually being done. I was guessing the id lookup to be part of auth module but haven't find it there, some folks with better knowledge of the openser diffs will hopefuly help to navigate to the right place. -jiri -- Jiri Kuthan http://iptel.org/~jiri/