DNs in the TACC LDAP are case insensitive, meaning that the usernames "jstubbs" and "JSTUBBS" are equivalent for the purposes of a bind. This means that a user can enter different usernames that are the same up to lowercase() and generate JWTs with different subjects. We should add a check for all tenants using the TACC LDAP that rejects any bind attempt for usernames that contain non-lowercase letters.
DNs in the TACC LDAP are case insensitive, meaning that the usernames "jstubbs" and "JSTUBBS" are equivalent for the purposes of a bind. This means that a user can enter different usernames that are the same up to lowercase() and generate JWTs with different subjects. We should add a check for all tenants using the TACC LDAP that rejects any bind attempt for usernames that contain non-lowercase letters.