GUACAMOLE-1239: Add case-sensitivity configuration for UserGroup objects and remove per-extension configuration.

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/HistoryTrackingConnection.java

@@ -23,11 +23,12 @@ import com.google.inject.Inject;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
-
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.jdbc.connection.ConnectionRecordMapper;
 import org.apache.guacamole.auth.jdbc.connection.ConnectionRecordModel;
 import org.apache.guacamole.auth.jdbc.connection.ModeledConnectionRecord;
+import org.apache.guacamole.environment.Environment;
+import org.apache.guacamole.environment.LocalEnvironment;
 import org.apache.guacamole.net.GuacamoleTunnel;
 import org.apache.guacamole.net.auth.Connection;
 import org.apache.guacamole.net.auth.DelegatingConnection;
@@ -57,6 +58,11 @@ public class HistoryTrackingConnection extends DelegatingConnection {
      */
     private final ConnectionRecordMapper connectionRecordMapper;
     
+    /**
+     * The environment in which Guacamole is running.
+     */
+    private final Environment environment = LocalEnvironment.getInstance();
+
     /**
      * Creates a new HistoryConnection that wraps the given connection,
      * automatically creating a history record when the connection is
@@ -100,7 +106,7 @@ public class HistoryTrackingConnection extends DelegatingConnection {
 
         // Insert the connection history record to mark the start of this connection
         connectionRecordMapper.insert(connectionRecordModel,
-                currentUser.isCaseSensitive());
+                environment.getCaseSensitivity());
 
         // Include history record UUID as token
         ModeledConnectionRecord modeledRecord = new ModeledConnectionRecord(connectionRecordModel);

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ActivityRecordMapper.java

@@ -22,6 +22,7 @@ package org.apache.guacamole.auth.jdbc.base;
 import java.util.Collection;
 import java.util.List;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -39,15 +40,15 @@ public interface ActivityRecordMapper<ModelType> {
      * @param record
      *     The activity record to insert.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     Whether or not string comparisons should be done in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner.
+     *     for usernames and group names.
      *
      * @return
      *     The number of rows inserted.
      */
     int insert(@Param("record") ModelType record,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Updates the given activity record in the database, assigning an end
@@ -91,9 +92,9 @@ public interface ActivityRecordMapper<ModelType> {
      * @param limit
      *     The maximum number of records that should be returned.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     Whether or not string comparisons should be done in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner.
+     *     for usernames and group names.
      *
      * @return
      *     The results of the search performed with the given parameters.
@@ -103,7 +104,7 @@ public interface ActivityRecordMapper<ModelType> {
             @Param("terms") Collection<ActivityRecordSearchTerm> terms,
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Searches for up to <code>limit</code> activity records that contain
@@ -143,9 +144,9 @@ public interface ActivityRecordMapper<ModelType> {
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     Whether or not string comparisons should be done in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner.
+     *     for usernames and group names.
      *
      * @return
      *     The results of the search performed with the given parameters.
@@ -157,6 +158,6 @@ public interface ActivityRecordMapper<ModelType> {
             @Param("sortPredicates") List<ActivityRecordSortPredicate> sortPredicates,
             @Param("limit") int limit,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityMapper.java

@@ -21,6 +21,7 @@ package org.apache.guacamole.auth.jdbc.base;
 
 import java.util.Collection;
 import java.util.Set;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -68,6 +69,10 @@ public interface EntityMapper {
      *     that the database engine in question will always support (or always
      *     not support) recursive queries, this parameter may be ignored.
      * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
+     *
      * @return
      *     The set of identifiers of all groups that the given entity is a
      *     member of, including those where membership is inherited through
@@ -75,6 +80,7 @@ public interface EntityMapper {
      */
     Set<String> selectEffectiveGroupIdentifiers(@Param("entity") EntityModel entity,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("recursive") boolean recursive);
+            @Param("recursive") boolean recursive,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/EntityService.java

@@ -22,9 +22,13 @@ package org.apache.guacamole.auth.jdbc.base;
 import com.google.inject.Inject;
 import java.util.Collection;
 import java.util.Set;
+import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.session.SqlSession;
 import org.mybatis.guice.transactional.Transactional;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
@@ -32,6 +36,11 @@ import org.mybatis.guice.transactional.Transactional;
  */
 public class EntityService {
 
+    /**
+     * The Logger for this class.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(EntityService.class);
+    
     /**
      * The Guacamole server environment.
      */
@@ -76,9 +85,22 @@ public class EntityService {
     public Set<String> retrieveEffectiveGroups(ModeledPermissions<? extends EntityModel> entity,
             Collection<String> effectiveGroups) {
 
+        CaseSensitivity caseSensitivity = CaseSensitivity.ENABLED;
+        try {
+            caseSensitivity = environment.getCaseSensitivity();
+        }
+        catch (GuacamoleException e) {
+            LOGGER.warn("Unable to retrieve configuration setting for group "
+                      + "name case sensitivity: {}. Group names will be treated "
+                      + "as case-sensitive.", e.getMessage());
+            LOGGER.debug("An exception was caught while trying to get group name"
+                      + "case sensitivity configuration.", e);
+        }
+        
         // Retrieve the effective user groups of the given entity, recursively if possible
         boolean recursive = environment.isRecursiveQuerySupported(sqlSession);
-        Set<String> identifiers = entityMapper.selectEffectiveGroupIdentifiers(entity.getModel(), effectiveGroups, recursive);
+        Set<String> identifiers = entityMapper.selectEffectiveGroupIdentifiers(
+                entity.getModel(), effectiveGroups, recursive, caseSensitivity);
 
         // If the set of user groups retrieved was not produced recursively,
         // manually repeat the query to expand the set until all effective
@@ -87,7 +109,9 @@ public class EntityService {
             Set<String> previousIdentifiers;
             do {
                 previousIdentifiers = identifiers;
-                identifiers = entityMapper.selectEffectiveGroupIdentifiers(entity.getModel(), previousIdentifiers, false);
+                identifiers = entityMapper.selectEffectiveGroupIdentifiers(
+                        entity.getModel(), previousIdentifiers, false,
+                        caseSensitivity);
             } while (identifiers.size() > previousIdentifiers.size());
         }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectMapper.java

@@ -22,6 +22,7 @@ package org.apache.guacamole.auth.jdbc.base;
 import java.util.Collection;
 import java.util.Set;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -61,11 +62,16 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
      *     The identifiers of any known effective groups that should be taken
      *     into account, such as those defined externally to the database.
      * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
+     *
      * @return
      *     A Set containing all identifiers of all readable objects.
      */
     Set<String> selectReadableIdentifiers(@Param("user") UserModel user,
-            @Param("effectiveGroups") Collection<String> effectiveGroups);
+            @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
     
     /**
      * Selects all objects which have the given identifiers. If an identifier
@@ -77,15 +83,15 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
      * @param identifiers
      *     The identifiers of the objects to return.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if the query should evaluate identifiers in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner, otherwise false.
+     *     for usernames and group names.
      *
      * @return 
      *     A Collection of all objects having the given identifiers.
      */
     Collection<ModelType> select(@Param("identifiers") Collection<String> identifiers,
-                                 @Param("caseSensitive") boolean caseSensitive);
+                                 @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Selects all objects which have the given identifiers and are explicitly
@@ -105,9 +111,9 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
      *     The identifiers of any known effective groups that should be taken
      *     into account, such as those defined externally to the database.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if the query should evaluate identifiers in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner, otherwise false.
+     *     for usernames and group names.
      *
      * @return 
      *     A Collection of all objects having the given identifiers.
@@ -115,7 +121,7 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
     Collection<ModelType> selectReadable(@Param("user") UserModel user,
             @Param("identifiers") Collection<String> identifiers,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Inserts the given object into the database. If the object already
@@ -136,15 +142,15 @@ public interface ModeledDirectoryObjectMapper<ModelType> {
      * @param identifier
      *     The identifier of the object to delete.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if the query should evaluate the identifier in a
+     *     The case sensitivity configuration that contains information on
-     *     case-sensitive manner, otherwise false.
+     *     whether usernames and/or group names will be treated as case-sensitive.
      *
      * @return
      *     The number of rows deleted.
      */
     int delete(@Param("identifier") String identifier,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Updates the given existing object in the database. If the object does 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ModeledDirectoryObjectService.java

@@ -27,9 +27,9 @@ import java.util.Collections;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleSecurityException;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.permission.ObjectPermissionMapper;
 import org.apache.guacamole.auth.jdbc.permission.ObjectPermissionModel;
@@ -37,6 +37,7 @@ import org.apache.guacamole.auth.jdbc.user.UserModel;
 import org.apache.guacamole.net.auth.Identifiable;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.mybatis.guice.transactional.Transactional;
 
 /**
@@ -117,20 +118,20 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
             ModelType model) throws GuacamoleException;
     
     /**
-     * Returns whether or not identifiers for objects provided by this service
+     * Returns the case sensitivity configuration for this service, which will
-     * are handled in a case-sensitive manner or not.
+     * be used to determine whether usernames and/or group names will be treated
+     * as case-sensitive.
      * 
      * @return
-     *     "true" if identifiers handled by this object service should be
+     *     The case sensitivity configuration for this service.
-     *     treated as case-sensitive, otherwise false.
      * 
      * @throws GuacamoleException 
      *     If an error occurs retrieving relevant configuration information.
      */
-    protected boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
         
-        // By default identifiers are not case-sensitive.
+        // Retrieve the Guacamole setting.
-        return false;
+        return environment.getCaseSensitivity();
         
     }
     
@@ -246,7 +247,7 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
             Collection<ModelType> models) throws GuacamoleException {
 
         // Create new collection of objects by manually converting each model
-        Collection<InternalType> objects = new ArrayList<InternalType>(models.size());
+        Collection<InternalType> objects = new ArrayList<>(models.size());
         for (ModelType model : models)
             objects.add(getObjectInstance(currentUser, model));
 
@@ -426,7 +427,7 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
 
         boolean userIsPrivileged = user.isPrivileged();
         
-        boolean caseSensitive = getCaseSensitiveIdentifiers();
+        CaseSensitivity caseSensitivity = getCaseSensitivity();
 
         // Process the filteredIdentifiers in batches using Lists.partition() and flatMap
         Collection<ModelType> allObjects = Lists.partition(filteredIdentifiers, batchSize).stream()
@@ -435,12 +436,12 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
 
                     // Bypass permission checks if the user is privileged
                     if (userIsPrivileged)
-                        objects = getObjectMapper().select(chunk, caseSensitive);
+                        objects = getObjectMapper().select(chunk, caseSensitivity);
 
                     // Otherwise only return explicitly readable identifiers
                     else
                         objects = getObjectMapper().selectReadable(user.getUser().getModel(),
-                                chunk, user.getEffectiveUserGroups(), caseSensitive);
+                                chunk, user.getEffectiveUserGroups(), caseSensitivity);
 
                     return objects.stream();
                 })
@@ -513,7 +514,7 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
         // Add implicit permissions
         Collection<ObjectPermissionModel> implicitPermissions = getImplicitPermissions(user, model);
         if (!implicitPermissions.isEmpty())
-            getPermissionMapper().insert(implicitPermissions, getCaseSensitiveIdentifiers());
+            getPermissionMapper().insert(implicitPermissions, getCaseSensitivity());
 
         // Add any arbitrary attributes
         if (model.hasArbitraryAttributes())
@@ -530,7 +531,7 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
         beforeDelete(user, identifier);
         
         // Delete object
-        getObjectMapper().delete(identifier, getCaseSensitiveIdentifiers());
+        getObjectMapper().delete(identifier, getCaseSensitivity());
 
     }
 
@@ -562,8 +563,11 @@ public abstract class ModeledDirectoryObjectService<InternalType extends Modeled
 
         // Otherwise only return explicitly readable identifiers
         else
-            return getObjectMapper().selectReadableIdentifiers(user.getUser().getModel(),
+            return getObjectMapper().selectReadableIdentifiers(
-                    user.getEffectiveUserGroups());
+                    user.getUser().getModel(),
+                    user.getEffectiveUserGroups(),
+                    getCaseSensitivity()
+            );
 
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/ObjectRelationMapper.java

@@ -22,6 +22,7 @@ package org.apache.guacamole.auth.jdbc.base;
 import java.util.Collection;
 import java.util.Set;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -49,17 +50,16 @@ public interface ObjectRelationMapper<ParentModelType extends ObjectModel> {
      *     The identifiers of the objects on the child side of the one-to-many
      *     relationship represented by the RelatedObjectSet.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if child identifiers should be treated as case-sensitive when
+     *     The case sensitivity configuration, used to determine whether
-     *     performing lookups on them, or false if the queries should be done
+     *     usernames and/or group names will be treated as case-sensitive.
-     *     case-insensitively.
      *
      * @return
      *     The number of rows inserted.
      */
     int insert(@Param("parent") ParentModelType parent,
                @Param("children") Collection<String> children,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Deletes rows as necessary to modify the one-to-many relationship
@@ -76,17 +76,16 @@ public interface ObjectRelationMapper<ParentModelType extends ObjectModel> {
      *     The identifiers of the objects on the child side of the one-to-many
      *     relationship represented by the RelatedObjectSet.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if child identifiers should be treated as case-sensitive when
+     *     The case sensitivity configuration, used to determine whether
-     *     performing lookups on them, or false if the queries should be done
+     *     usernames and/or group names will be treated as case-sensitive.
-     *     case-insensitively.
      *
      * @return
      *     The number of rows deleted.
      */
     int delete(@Param("parent") ParentModelType parent,
                @Param("children") Collection<String> children,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Retrieves the identifiers of all objects on the child side of the
@@ -123,6 +122,10 @@ public interface ObjectRelationMapper<ParentModelType extends ObjectModel> {
      *     The identifiers of any known effective groups that should be taken
      *     into account, such as those defined externally to the database.
      * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
+     *
      * @param parent
      *     The model of the object on the parent side of the one-to-many
      *     relationship represented by the RelatedObjectSet.
@@ -133,6 +136,7 @@ public interface ObjectRelationMapper<ParentModelType extends ObjectModel> {
      */
     Set<String> selectReadableChildIdentifiers(@Param("user") UserModel user,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity,
             @Param("parent") ParentModelType parent);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/base/RelatedObjectSet.java

@@ -22,11 +22,12 @@ package org.apache.guacamole.auth.jdbc.base;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Set;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleSecurityException;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * A database implementation of RelatedObjectSet which provides access to a
@@ -76,21 +77,21 @@ public abstract class RelatedObjectSet<ParentObjectType extends ModeledDirectory
     }
 
     /**
-     * Return "true" if identifiers within a related object set should be treated
+     * Return the current case sensitivity setting, which can be used to
-     * as case-sensitive, otherwise false.
+     * determine whether or not certain identifiers should be treated as
+     * case-sensitive.
      * 
      * @return
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The current case sensitivity setting.
-     *     "false".
      * 
      * @throws GuacamoleException 
      *     If an error occurs retrieving configuration information on
-     *     case-sensitivity.
+     *     case sensitivity.
      */
-    protected boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
         
         // Identifiers are not case-sensitive by default.
-        return false;
+        return CaseSensitivity.DISABLED;
     }
     
     /**
@@ -189,6 +190,7 @@ public abstract class RelatedObjectSet<ParentObjectType extends ModeledDirectory
         // Otherwise only return explicitly readable identifiers
         return getObjectRelationMapper().selectReadableChildIdentifiers(
                 user.getUser().getModel(), user.getEffectiveUserGroups(),
+                getCaseSensitivity(),
                 parent.getModel());
 
     }
@@ -202,7 +204,8 @@ public abstract class RelatedObjectSet<ParentObjectType extends ModeledDirectory
 
         // Create relations only if permission is granted
         if (canAlterRelation(identifiers))
-            getObjectRelationMapper().insert(parent.getModel(), identifiers, getCaseSensitiveIdentifiers());
+            getObjectRelationMapper().insert(parent.getModel(), identifiers,
+                    getCaseSensitivity());
 
         // User lacks permission to add user groups
         else
@@ -219,7 +222,8 @@ public abstract class RelatedObjectSet<ParentObjectType extends ModeledDirectory
 
         // Delete relations only if permission is granted
         if (canAlterRelation(identifiers))
-            getObjectRelationMapper().delete(parent.getModel(), identifiers, getCaseSensitiveIdentifiers());
+            getObjectRelationMapper().delete(parent.getModel(), identifiers,
+                    getCaseSensitivity());
 
         // User lacks permission to remove user groups
         else

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.java

@@ -23,6 +23,7 @@ import java.util.Collection;
 import java.util.Set;
 import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -68,12 +69,17 @@ public interface ConnectionMapper extends ModeledDirectoryObjectMapper<Connectio
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
+     *
      * @return
      *     A Set containing all identifiers of all readable objects.
      */
     Set<String> selectReadableIdentifiersWithin(@Param("user") UserModel user,
             @Param("parentIdentifier") String parentIdentifier,
-            @Param("effectiveGroups") Collection<String> effectiveGroups);
+            @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Selects the connection within the given parent group and having the

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connection/ConnectionService.java

@@ -361,7 +361,8 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
         else
             return connectionMapper.selectReadableIdentifiersWithin(
                     user.getUser().getModel(), identifier,
-                    user.getEffectiveUserGroups());
+                    user.getEffectiveUserGroups(),
+                    getCaseSensitivity());
 
     }
 
@@ -494,7 +495,7 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
         if (user.isPrivileged() || user.getUser().getEffectivePermissions().getSystemPermissions().hasPermission(SystemPermission.Type.AUDIT))
             searchResults = connectionRecordMapper.search(identifier,
                     recordIdentifier, requiredContents, sortPredicates, limit,
-                    user.isCaseSensitive());
+                    getCaseSensitivity());
 
         // Otherwise only return explicitly readable history records
         else
@@ -502,7 +503,7 @@ public class ConnectionService extends ModeledChildDirectoryObjectService<Modele
                     user.getUser().getModel(), recordIdentifier,
                     requiredContents, sortPredicates, limit,
                     user.getEffectiveUserGroups(),
-                    user.isCaseSensitive());
+                    getCaseSensitivity());
 
         return getObjectInstances(searchResults);
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.java

@@ -23,6 +23,7 @@ import java.util.Collection;
 import java.util.Set;
 import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
 import org.apache.guacamole.auth.jdbc.user.UserModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -73,7 +74,8 @@ public interface ConnectionGroupMapper extends ModeledDirectoryObjectMapper<Conn
      */
     Set<String> selectReadableIdentifiersWithin(@Param("user") UserModel user,
             @Param("parentIdentifier") String parentIdentifier,
-            @Param("effectiveGroups") Collection<String> effectiveGroups);
+            @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Selects the connection group within the given parent group and having

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupService.java

@@ -226,7 +226,8 @@ public class ConnectionGroupService extends ModeledChildDirectoryObjectService<M
         else
             return connectionGroupMapper.selectReadableIdentifiersWithin(
                     user.getUser().getModel(), identifier,
-                    user.getEffectiveUserGroups());
+                    user.getEffectiveUserGroups(),
+                    getCaseSensitivity());
 
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/ModeledObjectPermissionService.java

@@ -23,13 +23,14 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleSecurityException;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
@@ -133,12 +134,12 @@ public abstract class ModeledObjectPermissionService
         // Create permissions only if user has permission to do so
         if (canAlterPermissions(user, targetEntity, permissions)) {
 
-            boolean caseSensitive = getCaseSensitiveIdentifiers();
+            CaseSensitivity caseSensitivity = getCaseSensitivity();
             
             batchPermissionUpdates(permissions, permissionSubset -> {
                 Collection<ObjectPermissionModel> models = getModelInstances(
                         targetEntity, permissionSubset);
-                getPermissionMapper().insert(models, caseSensitive);
+                getPermissionMapper().insert(models, caseSensitivity);
             });
 
             return;
@@ -158,12 +159,12 @@ public abstract class ModeledObjectPermissionService
         // Delete permissions only if user has permission to do so
         if (canAlterPermissions(user, targetEntity, permissions)) {
 
-            boolean caseSensitive = getCaseSensitiveIdentifiers();
+            CaseSensitivity caseSensitivity = getCaseSensitivity();
             
             batchPermissionUpdates(permissions, permissionSubset -> {
                 Collection<ObjectPermissionModel> models = getModelInstances(
                         targetEntity, permissionSubset);
-                getPermissionMapper().delete(models, caseSensitive);
+                getPermissionMapper().delete(models, caseSensitivity);
             });
 
             return;
@@ -183,7 +184,7 @@ public abstract class ModeledObjectPermissionService
         // Retrieve permissions only if allowed
         if (canReadPermissions(user, targetEntity))
             return getPermissionMapper().selectOne(targetEntity.getModel(),
-                    type, identifier, effectiveGroups, getCaseSensitiveIdentifiers()) != null;
+                    type, identifier, effectiveGroups, getCaseSensitivity()) != null;
 
         // User cannot read this entity's permissions
         throw new GuacamoleSecurityException("Permission denied.");
@@ -209,7 +210,7 @@ public abstract class ModeledObjectPermissionService
         if (canReadPermissions(user, targetEntity))
             return getPermissionMapper().selectAccessibleIdentifiers(
                     targetEntity.getModel(), permissions, identifiers,
-                    effectiveGroups, getCaseSensitiveIdentifiers());
+                    effectiveGroups, getCaseSensitivity());
 
         // User cannot read this entity's permissions
         throw new GuacamoleSecurityException("Permission denied.");

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/ModeledPermissionService.java

@@ -195,7 +195,7 @@ public abstract class ModeledPermissionService<PermissionSetType extends Permiss
             return getPermissionInstances(getPermissionMapper().select(
                     targetEntity.getModel(),
                     effectiveGroups,
-                    getCaseSensitiveIdentifiers()));
+                    getCaseSensitivity()));
 
         // User cannot read this entity's permissions
         throw new GuacamoleSecurityException("Permission denied.");

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/ObjectPermissionMapper.java

@@ -21,8 +21,9 @@ package org.apache.guacamole.auth.jdbc.permission;
 
 import java.util.Collection;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
-import org.apache.ibatis.annotations.Param;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
+import org.apache.guacamole.properties.CaseSensitivity;
+import org.apache.ibatis.annotations.Param;
 
 /**
  * Mapper for object-related permissions.
@@ -49,9 +50,9 @@ public interface ObjectPermissionMapper extends PermissionMapper<ObjectPermissio
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The configuration of case sensitivity, used to determine whether
-     *     "false".
+     *     usernames and/or group names will be treated as case-sensitive.
      *
      * @return
      *     The requested permission, or null if no such permission is granted
@@ -61,7 +62,7 @@ public interface ObjectPermissionMapper extends PermissionMapper<ObjectPermissio
             @Param("type") ObjectPermission.Type type,
             @Param("identifier") String identifier,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Retrieves the subset of the given identifiers for which the given entity
@@ -85,9 +86,9 @@ public interface ObjectPermissionMapper extends PermissionMapper<ObjectPermissio
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The configuration of case sensitivity, used to determine whether
-     *     "false".
+     *     usernames and/or group names will be treated as case-sensitive.
      *
      * @return
      *     A collection containing the subset of identifiers for which at least
@@ -97,6 +98,6 @@ public interface ObjectPermissionMapper extends PermissionMapper<ObjectPermissio
             @Param("permissions") Collection<ObjectPermission.Type> permissions,
             @Param("identifiers") Collection<String> identifiers,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/PermissionMapper.java

@@ -21,6 +21,7 @@ package org.apache.guacamole.auth.jdbc.permission;
 
 import java.util.Collection;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -44,16 +45,15 @@ public interface PermissionMapper<PermissionType> {
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The case sensitivity configuration for usernames and group names.
-     *     "false".
      *
      * @return
      *     All permissions associated with the given entity.
      */
     Collection<PermissionType> select(@Param("entity") EntityModel entity,
             @Param("effectiveGroups") Collection<String> effectiveGroups,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Inserts the given permissions into the database. If any permissions
@@ -62,15 +62,14 @@ public interface PermissionMapper<PermissionType> {
      * @param permissions 
      *     The permissions to insert.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The case sensitivity configuration for usernames and group names.
-     *     "false".
      *
      * @return
      *     The number of rows inserted.
      */
     int insert(@Param("permissions") Collection<PermissionType> permissions,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Deletes the given permissions from the database. If any permissions do
@@ -79,14 +78,13 @@ public interface PermissionMapper<PermissionType> {
      * @param permissions
      *     The permissions to delete.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The case sensitivity configuration for usernames and group names.
-     *     "false".
      *
      * @return
      *     The number of rows deleted.
      */
     int delete(@Param("permissions") Collection<PermissionType> permissions,
-               @Param("caseSensitive") boolean caseSensitive);
+               @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/PermissionService.java

@@ -21,12 +21,13 @@ package org.apache.guacamole.auth.jdbc.permission;
 
 import java.util.Collection;
 import java.util.Set;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
 import org.apache.guacamole.net.auth.permission.Permission;
 import org.apache.guacamole.net.auth.permission.PermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
@@ -44,21 +45,21 @@ public interface PermissionService<PermissionSetType extends PermissionSet<Permi
         PermissionType extends Permission> {
 
     /**
-     * Return "true" if identifiers should be treated as case-sensitive,
+     * Return the current case sensitivity setting, allowing the system to
-     * otherwise "false".
+     * determine if usernames and/or group names should be treated as case-
+     * sensitive.
      * 
      * @return
-     *     "true" if identifiers should be treated as case-sensitive, otherwise
+     *     The current case sensitivity configuration.
-     *     "false".
      * 
      * @throws GuacamoleException 
      *     If an error occurs retrieving configuration information related to
-     *     case-sensitivity.
+     *     case sensitivity.
      */
-    default boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    default CaseSensitivity getCaseSensitivity() throws GuacamoleException {
         
-        // By default identifiers are case-insensitive.
+        // By default identifiers are case-sensitive.
-        return false;
+        return CaseSensitivity.ENABLED;
     }
     
     /**

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/SystemPermissionMapper.java

@@ -21,8 +21,9 @@ package org.apache.guacamole.auth.jdbc.permission;
 
 import java.util.Collection;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
-import org.apache.ibatis.annotations.Param;
 import org.apache.guacamole.net.auth.permission.SystemPermission;
+import org.apache.guacamole.properties.CaseSensitivity;
+import org.apache.ibatis.annotations.Param;
 
 /**
  * Mapper for system-level permissions.
@@ -45,12 +46,17 @@ public interface SystemPermissionMapper extends PermissionMapper<SystemPermissio
      *     no groups are given, only permissions directly granted to the user
      *     will be used.
      * 
+     * @param caseSensitivity
+     *     The case sensitivity configuration, used to determine whether usernames
+     *     and/or group names will be treated as case-sensitive.
+     *
      * @return
      *     The requested permission, or null if no such permission is granted
      *     to the given entity.
      */
     SystemPermissionModel selectOne(@Param("entity") EntityModel entity,
             @Param("type") SystemPermission.Type type,
-            @Param("effectiveGroups") Collection<String> effectiveGroups);
+            @Param("effectiveGroups") Collection<String> effectiveGroups,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/SystemPermissionService.java

@@ -23,13 +23,14 @@ import com.google.inject.Inject;
 import com.google.inject.Provider;
 import java.util.Collection;
 import java.util.Set;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleSecurityException;
 import org.apache.guacamole.GuacamoleUnsupportedException;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.net.auth.permission.SystemPermission;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
@@ -99,12 +100,12 @@ public class SystemPermissionService
         if (user.isPrivileged()) {
 
             // Pull identifier case sensitivity
-            boolean caseSensitive = getCaseSensitiveIdentifiers();
+            CaseSensitivity caseSensitivity = getCaseSensitivity();
             
             batchPermissionUpdates(permissions, permissionSubset -> {
                 Collection<SystemPermissionModel> models = getModelInstances(
                         targetEntity, permissionSubset);
-                systemPermissionMapper.insert(models, caseSensitive);
+                systemPermissionMapper.insert(models, caseSensitivity);
             });
 
             return;
@@ -129,12 +130,12 @@ public class SystemPermissionService
                 throw new GuacamoleUnsupportedException("Removing your own administrative permissions is not allowed.");
 
             // Pull case sensitivity
-            boolean caseSensitive = getCaseSensitiveIdentifiers();
+            CaseSensitivity caseSensitivity = getCaseSensitivity();
             
             batchPermissionUpdates(permissions, permissionSubset -> {
                 Collection<SystemPermissionModel> models = getModelInstances(
                         targetEntity, permissionSubset);
-                systemPermissionMapper.delete(models, caseSensitive);
+                systemPermissionMapper.delete(models, caseSensitivity);
             });
 
             return;
@@ -179,7 +180,7 @@ public class SystemPermissionService
 
         // Retrieve permissions only if allowed
         if (canReadPermissions(user, targetEntity))
-            return getPermissionMapper().selectOne(targetEntity.getModel(), type, effectiveGroups) != null;
+            return getPermissionMapper().selectOne(targetEntity.getModel(), type, effectiveGroups, getCaseSensitivity()) != null;
 
         // User cannot read this entity's permissions
         throw new GuacamoleSecurityException("Permission denied.");

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/permission/UserPermissionService.java

@@ -22,11 +22,12 @@ package org.apache.guacamole.auth.jdbc.permission;
 import com.google.inject.Inject;
 import com.google.inject.Provider;
 import java.util.Set;
-import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.EntityModel;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * Service which provides convenience methods for creating, retrieving, and
@@ -54,8 +55,8 @@ public class UserPermissionService extends ModeledObjectPermissionService {
     private JDBCEnvironment environment;
     
     @Override
-    public boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    public CaseSensitivity getCaseSensitivity() throws GuacamoleException {
-        return environment.getCaseSensitiveUsernames();
+        return environment.getCaseSensitivity();
     }
     
     @Override

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/security/PasswordPolicyService.java

@@ -145,7 +145,7 @@ public class PasswordPolicyService {
 
         // Check password against all recorded hashes
         List<PasswordRecordModel> history = passwordRecordMapper.select(username,
-                historySize, environment.getCaseSensitiveUsernames());
+                historySize, environment.getCaseSensitivity());
         for (PasswordRecordModel record : history) {
 
             byte[] hash = encryptionService.createPasswordHash(password, record.getPasswordSalt());

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/tunnel/AbstractGuacamoleTunnelService.java

@@ -67,6 +67,7 @@ import org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileParameterMode
 import org.apache.guacamole.auth.jdbc.user.RemoteAuthenticatedUser;
 import org.apache.guacamole.net.auth.GuacamoleProxyConfiguration;
 import org.apache.guacamole.protocol.FailoverGuacamoleSocket;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -479,7 +480,7 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
         try {
             // This MUST happen before getUUID() is invoked, to ensure the ID driving the UUID exists
             connectionRecordMapper.insert(activeConnection.getModel(),
-                    activeConnection.getUser().isCaseSensitive());
+                    environment.getCaseSensitivity());
             activeTunnels.put(activeConnection.getUUID().toString(), activeConnection);
         }
 
@@ -637,8 +638,21 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
         if (connectionGroup.isSessionAffinityEnabled())
             identifiers = getPreferredConnections(user, identifiers);
 
+        CaseSensitivity caseSensitivity = CaseSensitivity.ENABLED;
+        try {
+            caseSensitivity = environment.getCaseSensitivity();
+        }
+        catch (GuacamoleException e) {
+            logger.warn("Error trying to retrieve case sensitivity configuration: {}."
+                      + "Both usernames and group names will be treated as case-"
+                      + "sensitive.", e.getMessage());
+            logger.debug("An exception was received while trying to retrieve the "
+                       + "case sensitivity configuration.", e);
+        }
+        
         // Retrieve all children
-        Collection<ConnectionModel> models = connectionMapper.select(identifiers, false);
+        Collection<ConnectionModel> models = connectionMapper.select(identifiers,
+                caseSensitivity);
         List<ModeledConnection> connections = new ArrayList<ModeledConnection>(models.size());
 
         // Convert each retrieved model to a modeled connection
@@ -679,7 +693,8 @@ public abstract class AbstractGuacamoleTunnelService implements GuacamoleTunnelS
         // Produce collection of readable connection identifiers
         Collection<ConnectionModel> connections =
                 connectionMapper.selectReadable(user.getUser().getModel(),
-                        identifiers, user.getEffectiveUserGroups(), false);
+                        identifiers, user.getEffectiveUserGroups(),
+                        environment.getCaseSensitivity());
 
         // Ensure set contains only identifiers of readable connections
         identifiers.clear();

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java

@@ -792,12 +792,14 @@ public class ModeledUser extends ModeledPermissions<UserModel> implements User {
     @Override
     public boolean isCaseSensitive() {
         try {
-            return environment.getCaseSensitiveUsernames();
+            return environment.getCaseSensitivity().caseSensitiveUsernames();
         }
         catch (GuacamoleException e) {
-            logger.error("Failed to retrieve the configuration for case-sensitive usernames: {}."
+            logger.error("Failed to retrieve the configuration for case sensitivity: {}. "
-                    + " Usernames comparisons will be case-sensitive.", e.getMessage());
+                       + "Username comparisons will be case-sensitive.",
-            logger.debug("Exception caught when attempting to read the configuration.", e);
+                       e.getMessage());
+            logger.debug("An exception was caught when attempting to retrieve the "
+                       + "case sensitivity configuration.", e);
             return true;
         }
     }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUserContext.java

@@ -194,7 +194,7 @@ public class ModeledUserContext extends RestrictedObject
         userRecord.setRemoteHost(getCurrentUser().getCredentials().getRemoteAddress());
 
         // Insert record representing login
-        userRecordMapper.insert(userRecord, getCurrentUser().isCaseSensitive());
+        userRecordMapper.insert(userRecord, environment.getCaseSensitivity());
         
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/PasswordRecordMapper.java

@@ -21,6 +21,7 @@ package org.apache.guacamole.auth.jdbc.user;
 
 import java.util.List;
 import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -39,9 +40,9 @@ public interface PasswordRecordMapper extends ModeledDirectoryObjectMapper<UserM
      * @param maxHistorySize
      *     The maximum number of records to maintain for each user.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if the username being queried should be evaluated in a
+     *     The object that contains current configuration for case sensitivity
-     *     case-sensitive manner, otherwise false.
+     *     for usernames and group names.
      *
      * @return
      *     A collection of all password records associated with the user having
@@ -50,7 +51,7 @@ public interface PasswordRecordMapper extends ModeledDirectoryObjectMapper<UserM
      */
     List<PasswordRecordModel> select(@Param("username") String username,
             @Param("maxHistorySize") int maxHistorySize,
-            @Param("caseSensitive") boolean caseSensitive);
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
     /**
      * Inserts the given password record. Old records exceeding the maximum

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserMapper.java

@@ -20,6 +20,7 @@
 package org.apache.guacamole.auth.jdbc.user;
 
 import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -34,14 +35,14 @@ public interface UserMapper extends ModeledDirectoryObjectMapper<UserModel> {
      * @param username
      *     The username of the user to return.
      * 
-     * @param caseSensitive
+     * @param caseSensitivity
-     *     true if the search should evaluate the username in a case-sensitive
+     *     The object that contains current configuration for case sensitivity
-     *     manner, otherwise false.
+     *     for usernames and group names.
      *
      * @return
      *     The user having the given username, or null if no such user exists.
      */
     UserModel selectOne(@Param("username") String username,
-                        @Param("caseSensitive") boolean caseSensitive);
+                        @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/UserService.java

@@ -27,12 +27,11 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import javax.servlet.http.HttpServletRequest;
-import org.apache.guacamole.net.auth.Credentials;
-import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
-import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectService;
 import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
+import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectService;
 import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ActivityRecordModel;
 import org.apache.guacamole.auth.jdbc.base.ActivityRecordSearchTerm;
@@ -51,12 +50,14 @@ import org.apache.guacamole.language.TranslatableGuacamoleInsufficientCredential
 import org.apache.guacamole.net.auth.ActivityRecord;
 import org.apache.guacamole.net.auth.AuthenticatedUser;
 import org.apache.guacamole.net.auth.AuthenticationProvider;
+import org.apache.guacamole.net.auth.Credentials;
 import org.apache.guacamole.net.auth.User;
 import org.apache.guacamole.net.auth.credentials.CredentialsInfo;
 import org.apache.guacamole.net.auth.permission.ObjectPermission;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
 import org.apache.guacamole.net.auth.permission.SystemPermission;
 import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -219,8 +220,8 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
     }
     
     @Override
-    protected boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
-        return environment.getCaseSensitiveUsernames();
+        return environment.getCaseSensitivity();
     }
 
     @Override
@@ -254,7 +255,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
         
         // Do not create duplicate users
         Collection<UserModel> existing = userMapper.select(Collections.singleton(
-                    model.getIdentifier()), user.isCaseSensitive());
+                    model.getIdentifier()), getCaseSensitivity());
         if (!existing.isEmpty())
             throw new GuacamoleClientException("User \"" + model.getIdentifier() + "\" already exists.");
 
@@ -291,7 +292,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
         
         // Check whether such a user is already present
         UserModel existing = userMapper.selectOne(model.getIdentifier(),
-                user.isCaseSensitive());
+                getCaseSensitivity());
         if (existing != null) {
 
             // Do not rename to existing user
@@ -359,7 +360,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
         beforeDelete(user, identifier);
         
         // Delete object
-        userMapper.delete(identifier, user.isCaseSensitive());
+        userMapper.delete(identifier, getCaseSensitivity());
 
     }
 
@@ -401,7 +402,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
 
         // Retrieve corresponding user model, if such a user exists
         UserModel userModel = userMapper.selectOne(username,
-                getCaseSensitiveIdentifiers());
+                getCaseSensitivity());
         if (userModel == null)
             return null;
 
@@ -443,7 +444,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
 
         // Retrieve corresponding user model, if such a user exists
         UserModel userModel = userMapper.selectOne(authenticatedUser.getIdentifier(),
-                authenticatedUser.isCaseSensitive());
+                getCaseSensitivity());
         if (userModel == null)
             return null;
 
@@ -642,7 +643,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
         if (user.isPrivileged() || user.getUser().getEffectivePermissions().getSystemPermissions().hasPermission(SystemPermission.Type.AUDIT))
             searchResults = userRecordMapper.search(username, recordIdentifier,
                     requiredContents, sortPredicates, limit,
-                    user.isCaseSensitive());
+                    getCaseSensitivity());
 
         // Otherwise only return explicitly readable history records
         else
@@ -650,7 +651,7 @@ public class UserService extends ModeledDirectoryObjectService<ModeledUser, User
                     user.getUser().getModel(), recordIdentifier,
                     requiredContents, sortPredicates, limit,
                     user.getEffectiveUserGroups(),
-                    user.isCaseSensitive());
+                    getCaseSensitivity());
 
         return getObjectInstances(searchResults);
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/ModeledUserGroup.java

@@ -28,6 +28,7 @@ import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ModeledPermissions;
 import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
 import org.apache.guacamole.form.BooleanField;
@@ -35,6 +36,8 @@ import org.apache.guacamole.form.Field;
 import org.apache.guacamole.form.Form;
 import org.apache.guacamole.net.auth.RelatedObjectSet;
 import org.apache.guacamole.net.auth.UserGroup;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * An implementation of the UserGroup object which is backed by a database model.
@@ -42,6 +45,11 @@ import org.apache.guacamole.net.auth.UserGroup;
 public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
         implements UserGroup {
 
+    /**
+     * The Logger for this class.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(ModeledUserGroup.class);
+    
     /**
      * All possible attributes of user groups organized as individual,
      * logical forms.
@@ -75,6 +83,13 @@ public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
     @Inject
     private Provider<UserGroupMemberUserGroupSet> memberUserGroupSetProvider;
     
+    /**
+     * The environment associated with this instance of the JDBC authentication
+     * module.
+     */
+    @Inject
+    private JDBCEnvironment environment;
+
     /**
      * Whether attributes which control access restrictions should be exposed
      * via getAttributes() or allowed to be set via setAttributes().
@@ -188,4 +203,19 @@ public class ModeledUserGroup extends ModeledPermissions<UserGroupModel>
         return memberUserGroupSet;
     }
     
+    @Override
+    public boolean isCaseSensitive() {
+        try {
+            return environment.getCaseSensitivity().caseSensitiveGroupNames();
+        }
+        catch (GuacamoleException e) {
+            LOGGER.error("Error while retrieving case sensitivity configuration: {}. "
+                       + "Group names comparisons will be case-sensitive.",
+                      e.getMessage());
+            LOGGER.debug("An exception was caught when attempting to retrieve the "
+                       + "case sensitivity configuration.", e);
+            return true;
+        }
+    }
+
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMapper.java

@@ -20,6 +20,7 @@
 package org.apache.guacamole.auth.jdbc.usergroup;
 
 import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.ibatis.annotations.Param;
 
 /**
@@ -34,9 +35,14 @@ public interface UserGroupMapper extends ModeledDirectoryObjectMapper<UserGroupM
      * @param name
      *     The name of the group to return.
      * 
+     * @param caseSensitivity
+     *     The object that contains current configuration for case sensitivity
+     *     for usernames and group names.
+     *
      * @return
      *     The group having the given name, or null if no such group exists.
      */
-    UserGroupModel selectOne(@Param("name") String name);
+    UserGroupModel selectOne(@Param("name") String name,
+            @Param("caseSensitivity") CaseSensitivity caseSensitivity);
 
 }

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserGroupSet.java

@@ -21,9 +21,11 @@ package org.apache.guacamole.auth.jdbc.usergroup;
 
 import com.google.inject.Inject;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ObjectRelationMapper;
 import org.apache.guacamole.auth.jdbc.base.RelatedObjectSet;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * RelatedObjectSet implementation which represents the one-to-many
@@ -37,6 +39,17 @@ public class UserGroupMemberUserGroupSet extends RelatedObjectSet<ModeledUserGro
     @Inject
     private UserGroupMemberUserGroupMapper userGroupMemberUserGroupMapper;
 
+    /**
+     * The server environment for retrieving configuration.
+     */
+    @Inject
+    private JDBCEnvironment environment;
+    
+    @Override
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
+        return environment.getCaseSensitivity();
+    }
+    
     @Override
     protected ObjectRelationMapper<UserGroupModel> getObjectRelationMapper() {
         return userGroupMemberUserGroupMapper;

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserSet.java

@@ -25,6 +25,7 @@ import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ObjectRelationMapper;
 import org.apache.guacamole.auth.jdbc.base.RelatedObjectSet;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * RelatedObjectSet implementation which represents the one-to-many
@@ -32,6 +33,13 @@ import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
  */
 public class UserGroupMemberUserSet extends RelatedObjectSet<ModeledUserGroup, UserGroupModel> {
 
+    /**
+     * The environment of the running server, used for retrieving server
+     * configuration information.
+     */
+    @Inject
+    private JDBCEnvironment environment;
+    
     /**
      * Mapper for the relation between user groups and their user members.
      */
@@ -39,8 +47,8 @@ public class UserGroupMemberUserSet extends RelatedObjectSet<ModeledUserGroup, U
     private UserGroupMemberUserMapper userGroupMemberUserMapper;
 
     @Override
-    protected boolean getCaseSensitiveIdentifiers() throws GuacamoleException {
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
-        return getCurrentUser().isCaseSensitive();
+        return environment.getCaseSensitivity();
     }
     
     @Override

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupParentUserGroupSet.java

@@ -21,9 +21,11 @@ package org.apache.guacamole.auth.jdbc.usergroup;
 
 import com.google.inject.Inject;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
 import org.apache.guacamole.auth.jdbc.base.ObjectRelationMapper;
 import org.apache.guacamole.auth.jdbc.base.RelatedObjectSet;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.properties.CaseSensitivity;
 
 /**
  * RelatedObjectSet implementation which represents the one-to-many
@@ -38,6 +40,17 @@ public class UserGroupParentUserGroupSet extends RelatedObjectSet<ModeledUserGro
     @Inject
     private UserGroupParentUserGroupMapper userGroupParentUserGroupMapper;
     
+    /**
+     * The server environment for retrieving configuration.
+     */
+    @Inject
+    private JDBCEnvironment environment;
+    
+    @Override
+    protected CaseSensitivity getCaseSensitivity() throws GuacamoleException {
+        return environment.getCaseSensitivity();
+    }
+
     @Override
     protected ObjectRelationMapper<UserGroupModel> getObjectRelationMapper() {
         return userGroupParentUserGroupMapper;

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/usergroup/UserGroupService.java

@@ -21,10 +21,11 @@ package org.apache.guacamole.auth.jdbc.usergroup;
 
 import com.google.inject.Inject;
 import com.google.inject.Provider;
-import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
-import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectService;
 import org.apache.guacamole.GuacamoleClientException;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.auth.jdbc.JDBCEnvironment;
+import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectMapper;
+import org.apache.guacamole.auth.jdbc.base.ModeledDirectoryObjectService;
 import org.apache.guacamole.auth.jdbc.base.EntityMapper;
 import org.apache.guacamole.auth.jdbc.permission.ObjectPermissionMapper;
 import org.apache.guacamole.auth.jdbc.permission.UserGroupPermissionMapper;
@@ -47,6 +48,12 @@ public class UserGroupService extends ModeledDirectoryObjectService<ModeledUserG
     @Inject
     private EntityMapper entityMapper;
     
+    /**
+     * The Guacamole server configuration environment.
+     */
+    @Inject
+    private JDBCEnvironment environment;
+
     /**
      * Mapper for accessing user groups.
      */
@@ -145,7 +152,8 @@ public class UserGroupService extends ModeledDirectoryObjectService<ModeledUserG
             throw new GuacamoleClientException("The group name must not be blank.");
         
         // Do not create duplicate user groups
-        UserGroupModel existing = userGroupMapper.selectOne(model.getIdentifier());
+        UserGroupModel existing = userGroupMapper.selectOne(model.getIdentifier(),
+                environment.getCaseSensitivity());
         if (existing != null)
             throw new GuacamoleClientException("Group \"" + model.getIdentifier() + "\" already exists.");
 
@@ -166,7 +174,8 @@ public class UserGroupService extends ModeledDirectoryObjectService<ModeledUserG
         
         // Do not allow groups to be renamed if the name collides with that of
         // another, existing group
-        UserGroupModel existing = userGroupMapper.selectOne(model.getIdentifier());
+        UserGroupModel existing = userGroupMapper.selectOne(model.getIdentifier(),
+                environment.getCaseSensitivity());
         if (existing != null && !existing.getObjectID().equals(model.getObjectID()))
             throw new GuacamoleClientException("Group \"" + model.getIdentifier() + "\" already exists.");
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/java/org/apache/guacamole/auth/mysql/MySQLAuthenticationProviderModule.java

@@ -29,6 +29,7 @@ import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.mysql.conf.MySQLDriver;
 import org.apache.guacamole.auth.mysql.conf.MySQLEnvironment;
 import org.apache.guacamole.auth.mysql.conf.MySQLSSLMode;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.mybatis.guice.datasource.helper.JdbcHelper;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -129,14 +130,15 @@ public class MySQLAuthenticationProviderModule implements Module {
         if (serverTz != null)
             driverProperties.setProperty("serverTimezone", serverTz.getID());
         
-        // Check for case-sensitivity and warn admin
+        // Check for case sensitivity and warn admin
-        if (environment.getCaseSensitiveUsernames())
+        if (environment.getCaseSensitivity() != CaseSensitivity.DISABLED)
             LOGGER.warn("The MySQL module is currently configured to support "
-                    + "case-sensitive username comparisons, however, the default "
+                    + "case-sensitive username and/or group name comparisons, "
-                    + "collations for MySQL databases do not support "
+                    + "however, the default collations for MySQL databases do "
-                    + "case-sensitive string comparisons. If you want usernames "
+                    + "not support case-sensitive string comparisons. If you "
-                    + "within Guacamole to be treated as case-sensitive, further "
+                    + "want identifiers within Guacamole to be treated as "
-                    + "database configuration may be required.");
+                    + "case-sensitive, further database configuration may be "
+                    + "required.");
 
     }
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/base/EntityMapper.xml

@@ -51,11 +51,24 @@
                     JOIN guacamole_user_group ON guacamole_user_group.entity_id = guacamole_entity.entity_id
                     WHERE
                         type = 'USER_GROUP'
-                        AND name IN
+                        AND
-                            <foreach collection="${groups}" item="effectiveGroup"
+                        <choose>
-                                     open="(" separator="," close=")">
+                            <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                #{effectiveGroup,jdbcType=VARCHAR}
+                                name IN
-                            </foreach>
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                </foreach>
+                            </when>
+                            <otherwise>
+                                LOWER(name) IN
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                </foreach>
+                            </otherwise>
+                        </choose>
+                            
                         AND disabled = false
                 )
             </if>
@@ -83,20 +96,44 @@
                 JOIN guacamole_entity member_entity ON guacamole_user_group_member.member_entity_id = member_entity.entity_id
                 WHERE
                     guacamole_user_group.disabled = false
-                    AND member_entity.type = 'USER_GROUP' AND member_entity.name IN
+                    AND member_entity.type = 'USER_GROUP' AND
-                        <foreach collection="effectiveGroups" item="effectiveGroup"
+                    <choose>
-                                 open="(" separator="," close=")">
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
-                            #{effectiveGroup,jdbcType=VARCHAR}
+                            member_entity.name IN
-                        </foreach>
+                            <foreach collection="effectiveGroups" item="effectiveGroup"
+                                     open="(" separator="," close=")">
+                                #{effectiveGroup,jdbcType=VARCHAR}
+                            </foreach>
+                        </when>
+                        <otherwise>
+                            LOWER(member_entity.name) IN
+                            <foreach collection="effectiveGroups" item="effectiveGroup"
+                                     open="(" separator="," close=")">
+                                LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                            </foreach>
+                        </otherwise>
+                </choose>                
                 UNION SELECT
                     guacamole_entity.name
                 FROM guacamole_user_group
                 JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-                WHERE type = 'USER_GROUP' AND name IN
+                WHERE type = 'USER_GROUP' AND
-                    <foreach collection="effectiveGroups" item="effectiveGroup"
+                <choose>
-                             open="(" separator="," close=")">
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
-                        #{effectiveGroup,jdbcType=VARCHAR}
+                        name IN
-                    </foreach>
+                        <foreach collection="effectiveGroups" item="effectiveGroup"
+                                 open="(" separator="," close=")">
+                            #{effectiveGroup,jdbcType=VARCHAR}
+                        </foreach>
+                    </when>
+                    <otherwise>
+                        LOWER(name) IN
+                        <foreach collection="effectiveGroups" item="effectiveGroup"
+                                 open="(" separator="," close=")">
+                            LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                        </foreach>
+                    </otherwise>
+                </choose>
             </if>
         </if>
 
@@ -117,11 +154,23 @@
                         JOIN guacamole_user_group ON guacamole_user_group.entity_id = guacamole_entity.entity_id
                         WHERE
                             type = 'USER_GROUP'
-                            AND name IN
+                            AND
-                                <foreach collection="effectiveGroups" item="effectiveGroup"
+                            <choose>
-                                         open="(" separator="," close=")">
+                                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                    name IN
-                                </foreach>
+                                    <foreach collection="effectiveGroups" item="effectiveGroup"
+                                             open="(" separator="," close=")">
+                                        #{effectiveGroup,jdbcType=VARCHAR}
+                                    </foreach>
+                                </when>
+                                <otherwise>
+                                    LOWER(name) IN
+                                    <foreach collection="effectiveGroups" item="effectiveGroup"
+                                             open="(" separator="," close=")">
+                                        LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                    </foreach>
+                                </otherwise>
+                            </choose>
                             AND guacamole_user_group.disabled = false
                 </if>
                 UNION

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml

@@ -82,9 +82,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -194,8 +195,9 @@
             </foreach>
             AND guacamole_connection.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
         GROUP BY guacamole_connection.connection_id;
@@ -209,8 +211,9 @@
             </foreach>
             AND guacamole_sharing_profile.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -226,8 +229,9 @@
             </foreach>
             AND guacamole_connection_attribute.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -62,7 +62,7 @@
              JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -121,7 +121,7 @@
                         FROM guacamole_user
                         WHERE
                         <choose>
-                            <when test="caseSensitive">
+                            <when test="caseSensitivity.caseSensitiveUsernames()">
                                 POSITION(#{term.term,jdbcType=VARCHAR} IN username) > 0
                             </when>
                             <otherwise>
@@ -190,16 +190,18 @@
             <!-- Restrict to readable connections -->
             AND guacamole_connection_history.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
             <!-- Restrict to readable users -->
             AND guacamole_connection_history.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
@@ -216,7 +218,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml

@@ -83,9 +83,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -93,8 +94,9 @@
     <!-- Select identifiers of all readable connection groups -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -116,8 +118,9 @@
             <if test="parentIdentifier == null">parent_id IS NULL</if>
             AND connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
     </select>
@@ -190,8 +193,9 @@
             </foreach>
             AND guacamole_connection_group.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -204,8 +208,9 @@
             </foreach>
             AND guacamole_connection_group.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -218,8 +223,9 @@
             </foreach>
             AND guacamole_connection.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -235,8 +241,9 @@
             </foreach>
             AND guacamole_connection_group_attribute.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionGroupPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND connection_group_id = #{identifier,jdbcType=VARCHAR}
@@ -74,9 +76,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_group_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND connection_id = #{identifier,jdbcType=VARCHAR}
@@ -74,9 +76,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SharingProfilePermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND sharing_profile_id = #{identifier,jdbcType=VARCHAR}
@@ -74,9 +76,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND sharing_profile_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SystemPermissionMapper.xml

@@ -39,9 +39,10 @@
         FROM guacamole_system_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -55,9 +56,10 @@
         FROM guacamole_system_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserGroupPermissionMapper.xml

@@ -43,9 +43,10 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND affected_entity.type = 'USER_GROUP'
 
@@ -63,13 +64,22 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"         value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
-            AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
             AND affected_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    affected_entity.name = #{identifier,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(affected_entity.name) = LOWER(#{identifier,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
 
     </select>
 
@@ -82,21 +92,35 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
-            AND affected_entity.name IN
+            AND affected_entity.type = 'USER_GROUP'
-                <foreach collection="identifiers" item="identifier"
+            AND 
-                         open="(" separator="," close=")">
+                <choose>
-                    #{identifier,jdbcType=VARCHAR}
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
-                </foreach>
+                        affected_entity.name IN
+                        <foreach collection="identifiers" item="identifier"
+                                 open="(" separator="," close=")">
+                            #{identifier,jdbcType=VARCHAR}
+                        </foreach>
+                    </when>
+                    <otherwise>
+                        LOWER(affected_entity.name) IN
+                        <foreach collection="identifiers" item="identifier"
+                                 open="(" separator="," close=")">
+                            LOWER(#{identifier,jdbcType=VARCHAR})
+                        </foreach>
+                    </otherwise>
+                </choose>
+            
             AND permission IN
                 <foreach collection="permissions" item="permission"
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}
                 </foreach>
-            AND affected_entity.type = 'USER_GROUP'
 
     </select>
 
@@ -108,14 +132,28 @@
         JOIN guacamole_user_group affected_group ON guacamole_user_group_permission.affected_user_group_id = affected_group.user_group_id
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
-            (guacamole_user_group_permission.entity_id, permission, affected_entity.name) IN
+            affected_entity.type = 'USER_GROUP'
-                <foreach collection="permissions" item="permission"
+            AND
-                         open="(" separator="," close=")">
+            <choose>
-                    (#{permission.entityID,jdbcType=INTEGER},
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                     #{permission.type,jdbcType=VARCHAR},
+                    (guacamole_user_group_permission.entity_id, permission, affected_entity.name) IN
-                     #{permission.objectIdentifier,jdbcType=VARCHAR})
+                    <foreach collection="permissions" item="permission"
-                </foreach>
+                             open="(" separator="," close=")">
-            AND affected_entity.type = 'USER_GROUP'
+                        (#{permission.entityID,jdbcType=INTEGER},
+                         #{permission.type,jdbcType=VARCHAR},
+                         #{permission.objectIdentifier,jdbcType=VARCHAR})
+                    </foreach>
+                </when>
+                <otherwise>
+                    (guacamole_user_group_permission.entity_id, permission, LOWER(affected_entity.name)) IN
+                    <foreach collection="permissions" item="permission"
+                             open="(" separator="," close=")">
+                        (#{permission.entityID,jdbcType=INTEGER},
+                         #{permission.type,jdbcType=VARCHAR},
+                         LOWER(#{permission.objectIdentifier,jdbcType=VARCHAR}))
+                    </foreach>
+                </otherwise>
+            </choose>
             
     </delete>
 
@@ -140,8 +178,16 @@
             </foreach>
         AS permissions
         JOIN guacamole_entity affected_entity ON
-                affected_entity.name = permissions.affected_name
+                affected_entity.type = 'USER_GROUP'
-            AND affected_entity.type = 'USER_GROUP'
+                AND
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        affected_entity.name = permissions.affected_name
+                    </when>
+                    <otherwise>
+                        LOWER(affected_entity.name) = LOWER(permissions.affected_name)
+                    </otherwise>
+                </choose>
         JOIN guacamole_user_group affected_group ON affected_group.entity_id = affected_entity.entity_id
 
     </insert>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserPermissionMapper.xml

@@ -43,9 +43,10 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND affected_entity.type = 'USER'
 
@@ -63,14 +64,15 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     affected_entity.name = #{identifier,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
@@ -90,13 +92,15 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
+            AND affected_entity.type = 'USER'
             AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         affected_entity.name IN
                         <foreach collection="identifiers" item="identifier"
                          open="(" separator="," close=")">
@@ -116,7 +120,6 @@
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}
                 </foreach>
-            AND affected_entity.type = 'USER'
 
     </select>
 
@@ -129,7 +132,7 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     (guacamole_user_permission.entity_id, permission, affected_entity.name) IN
                     <foreach collection="permissions" item="permission"
                             open="(" separator="," close=")">
@@ -174,7 +177,7 @@
         AS permissions
         JOIN guacamole_entity affected_entity ON
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     affected_entity.name = permissions.affected_name
                 </when>
                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml

@@ -66,9 +66,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -76,8 +77,9 @@
     <!-- Select identifiers of all readable sharing profiles -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -125,8 +127,9 @@
             </foreach>
             AND guacamole_sharing_profile.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -142,8 +145,9 @@
             </foreach>
             AND guacamole_sharing_profile_attribute.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/user/PasswordRecordMapper.xml

@@ -44,7 +44,7 @@
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserMapper.xml

@@ -82,9 +82,10 @@
         FROM guacamole_user_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -97,8 +98,9 @@
         WHERE
             guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_entity.type = 'USER'
@@ -132,7 +134,7 @@
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -143,7 +145,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -163,7 +165,7 @@
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -174,7 +176,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -214,7 +216,7 @@
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
         WHERE 
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -225,7 +227,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -236,8 +238,9 @@
             AND guacamole_entity.type = 'USER'
             AND guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
         GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
@@ -251,7 +254,7 @@
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -262,7 +265,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -273,8 +276,9 @@
             AND guacamole_entity.type = 'USER'
             AND guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -308,7 +312,7 @@
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
@@ -327,7 +331,7 @@
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
@@ -343,7 +347,7 @@
         DELETE FROM guacamole_entity
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     name = #{identifier,jdbcType=VARCHAR}
                 </when>
                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserParentUserGroupMapper.xml

@@ -43,8 +43,9 @@
         WHERE
             guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.member_entity_id = #{parent.entityID,jdbcType=INTEGER}
@@ -60,10 +61,26 @@
         WHERE
             member_entity_id = #{parent.entityID,jdbcType=INTEGER}
             AND guacamole_entity.type = 'USER_GROUP'
-            AND guacamole_entity.name IN
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier,jdbcType=VARCHAR}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier,jdbcType=VARCHAR}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier,jdbcType=VARCHAR})
+                        </otherwise>
+                    </choose>
                 </foreach>
     </delete>
 
@@ -79,12 +96,28 @@
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
         WHERE
-            guacamole_entity.name IN
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier,jdbcType=VARCHAR}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier})
+                        </otherwise>
+                    </choose>
                 </foreach>
-            AND guacamole_entity.type = 'USER_GROUP'
             AND guacamole_user_group.user_group_id NOT IN (
                 SELECT guacamole_user_group_member.user_group_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserRecordMapper.xml

@@ -50,7 +50,7 @@
              JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -89,7 +89,7 @@
             
             <if test="identifier != null">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_user_history.username = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -107,7 +107,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>
@@ -163,13 +163,14 @@
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
                     <property name="groups"   value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             
             <if test="identifier != null">
                 AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -187,7 +188,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMapper.xml

@@ -68,9 +68,10 @@
         FROM guacamole_user_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -83,8 +84,9 @@
         WHERE
             guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_entity.type = 'USER_GROUP'
@@ -101,12 +103,30 @@
             disabled
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
             <foreach collection="identifiers" item="identifier"
-                     open="(" separator="," close=")">
+                    open="(" separator="," close=")">
-                #{identifier,jdbcType=VARCHAR}
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        #{identifier,jdbcType=VARCHAR}
+                    </when>
+                    <otherwise>
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </otherwise>
+                </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER_GROUP';
+            ;
 
         SELECT
             guacamole_user_group_attribute.user_group_id,
@@ -115,12 +135,30 @@
         FROM guacamole_user_group_attribute
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
             <foreach collection="identifiers" item="identifier"
-                     open="(" separator="," close=")">
+                    open="(" separator="," close=")">
-                #{identifier,jdbcType=VARCHAR}
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        #{identifier,jdbcType=VARCHAR}
+                    </when>
+                    <otherwise>
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </otherwise>
+                </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER_GROUP';
+            ;
 
     </select>
 
@@ -135,16 +173,34 @@
             disabled
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE 
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
-                #{identifier,jdbcType=VARCHAR}
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        #{identifier,jdbcType=VARCHAR}
+                    </when>
+                    <otherwise>
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </otherwise>
+                </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER_GROUP'
             AND guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -155,16 +211,34 @@
         FROM guacamole_user_group_attribute
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
-                #{identifier,jdbcType=VARCHAR}
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        #{identifier,jdbcType=VARCHAR}
+                    </when>
+                    <otherwise>
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </otherwise>
+                </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER_GROUP'
+            AND guacamole_user_group.user_group_id IN (
-            AND  guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -182,7 +256,14 @@
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
         WHERE
-            guacamole_entity.name = #{name,jdbcType=VARCHAR}
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
             AND guacamole_entity.type = 'USER_GROUP';
 
         SELECT
@@ -193,8 +274,16 @@
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
         WHERE
-            guacamole_entity.name = #{name,jdbcType=VARCHAR}
+            guacamole_entity.type = 'USER_GROUP'
-            AND guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose> 
 
     </select>
 
@@ -202,8 +291,15 @@
     <delete id="delete">
         DELETE FROM guacamole_entity
         WHERE
-            name = #{identifier,jdbcType=VARCHAR}
+            type = 'USER_GROUP'
-            AND type = 'USER_GROUP'
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    name = #{identifier,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(name) = LOWER(#{identifier,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
     </delete>
 
     <!-- Insert single group -->

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserGroupMapper.xml

@@ -40,14 +40,15 @@
         JOIN guacamole_entity ON guacamole_entity.entity_id = guacamole_user_group_member.member_entity_id
         JOIN guacamole_user_group ON guacamole_user_group.entity_id = guacamole_entity.entity_id
         WHERE
-            guacamole_user_group.user_group_id IN (
+            guacamole_entity.type = 'USER_GROUP'
+            AND guacamole_user_group_member.user_group_id = #{parent.objectID,jdbcType=INTEGER}
+            AND guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
-            AND guacamole_user_group_member.user_group_id = #{parent.objectID,jdbcType=INTEGER}
-            AND guacamole_entity.type = 'USER_GROUP'
     </select>
 
     <!-- Delete member groups by name -->
@@ -58,10 +59,26 @@
         WHERE
             user_group_id = #{parent.objectID,jdbcType=INTEGER}
             AND guacamole_entity.type = 'USER_GROUP'
-            AND guacamole_entity.name IN
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier,jdbcType=VARCHAR}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier,jdbcType=VARCHAR}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier,jdbcType=VARCHAR})
+                        </otherwise>
+                    </choose>
                 </foreach>
     </delete>
 
@@ -76,12 +93,28 @@
             guacamole_entity.entity_id
         FROM guacamole_entity
         WHERE
-            guacamole_entity.name IN
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caesSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier})
+                        </otherwise>
+                    </choose>
                 </foreach>
-            AND guacamole_entity.type = 'USER_GROUP'
             AND guacamole_entity.entity_id NOT IN (
                 SELECT guacamole_user_group_member.member_entity_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserMapper.xml

@@ -44,6 +44,7 @@
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
                     <property name="groups"   value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.user_group_id = #{parent.objectID,jdbcType=INTEGER}
@@ -60,7 +61,7 @@
             AND guacamole_entity.type = 'USER'
             AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -71,7 +72,7 @@
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
                     <choose>
-                        <when test="caseSensitive">
+                        <when test="caseSensitivity.caseSensitiveUsernames()">
                             #{identifier,jdbcType=VARCHAR}
                         </when>
                         <otherwise>
@@ -92,8 +93,10 @@
             guacamole_entity.entity_id
         FROM guacamole_entity
         WHERE
+            guacamole_entity.type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -104,15 +107,14 @@
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
                     <choose>
-                        <when test="caseSensitive">
+                        <when test="caseSensitivity.caseSensitiveUsernames()">
-                            #{identifier}
+                            #{identifier,jdbcType=VARCHAR}
                         </when>
                         <otherwise>
-                            LOWER(#{identifier})
+                            LOWER(#{identifier,jdbcType=VARCHAR})
                         </otherwise>
                     </choose>
                 </foreach>
-            AND guacamole_entity.type = 'USER'
             AND guacamole_entity.entity_id NOT IN (
                 SELECT guacamole_user_group_member.member_entity_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-mysql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupParentUserGroupMapper.xml

@@ -41,14 +41,15 @@
         JOIN guacamole_user_group ON guacamole_user_group_member.user_group_id = guacamole_user_group.user_group_id
         JOIN guacamole_entity ON guacamole_entity.entity_id = guacamole_user_group.entity_id
         WHERE
-            guacamole_user_group.user_group_id IN (
+            guacamole_entity.type = 'USER_GROUP'
+            AND guacamole_user_group_member.member_entity_id = #{parent.entityID,jdbcType=INTEGER}
+            AND guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
-            AND guacamole_user_group_member.member_entity_id = #{parent.entityID,jdbcType=INTEGER}
-            AND guacamole_entity.type = 'USER_GROUP'
     </select>
 
     <!-- Delete parent groups by name -->
@@ -60,10 +61,26 @@
         WHERE
             member_entity_id = #{parent.entityID,jdbcType=INTEGER}
             AND guacamole_entity.type = 'USER_GROUP'
-            AND guacamole_entity.name IN
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier,jdbcType=VARCHAR}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier,jdbcType=VARCHAR}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier,jdbcType=VARCHAR})
+                        </otherwise>
+                    </choose>
                 </foreach>
     </delete>
 
@@ -79,12 +96,28 @@
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
         WHERE
-            guacamole_entity.name IN
+            guacamole_entity.type = 'USER_GROUP'
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name)
+                </otherwise>
+            </choose>
+            IN
                 <foreach collection="children" item="identifier"
                          open="(" separator="," close=")">
-                    #{identifier,jdbcType=VARCHAR}
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{identifier,jdbcType=VARCHAR}
+                        </when>
+                        <otherwise>
+                            LOWER(#{identifier,jdbcType=VARCHAR})
+                        </otherwise>
+                    </choose>
                 </foreach>
-            AND guacamole_entity.type = 'USER_GROUP'
             AND guacamole_user_group.user_group_id NOT IN (
                 SELECT guacamole_user_group_member.user_group_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/base/EntityMapper.xml

@@ -51,11 +51,23 @@
                     JOIN guacamole_user_group ON guacamole_user_group.entity_id = guacamole_entity.entity_id
                     WHERE
                         type = 'USER_GROUP'::guacamole_entity_type
-                        AND name IN
+                        AND 
-                            <foreach collection="${groups}" item="effectiveGroup"
+                        <choose>
-                                     open="(" separator="," close=")">
+                            <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                #{effectiveGroup,jdbcType=VARCHAR}
+                                name IN
-                            </foreach>
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                </foreach>
+                            </when>
+                            <otherwise>
+                                LOWER(name) IN
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                </foreach>
+                            </otherwise>
+                        </choose>
                         AND disabled = false
                 )
             </if>
@@ -81,11 +93,23 @@
                     JOIN guacamole_user_group ON guacamole_user_group.entity_id = guacamole_entity.entity_id
                     WHERE
                         type = 'USER_GROUP'::guacamole_entity_type
-                        AND name IN
+                        AND 
-                            <foreach collection="effectiveGroups" item="effectiveGroup"
+                        <choose>
-                                     open="(" separator="," close=")">
+                            <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                #{effectiveGroup,jdbcType=VARCHAR}
+                                name IN
-                            </foreach>
+                                <foreach collection="effectiveGroups" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                </foreach>
+                            </when>
+                            <otherwise>
+                                LOWER(name) IN
+                                <foreach collection="effectiveGroups" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                </foreach>
+                            </otherwise>
+                        </choose>
                         AND guacamole_user_group.disabled = false
             </if>
             UNION

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml

@@ -82,9 +82,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -92,8 +93,9 @@
     <!-- Select identifiers of all readable connections -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -115,8 +117,9 @@
             <if test="parentIdentifier == null">parent_id IS NULL</if>
             AND connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
     </select>
@@ -194,8 +197,9 @@
             </foreach>
             AND guacamole_connection.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
         GROUP BY guacamole_connection.connection_id;
@@ -209,8 +213,9 @@
             </foreach>
             AND guacamole_sharing_profile.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -226,8 +231,9 @@
             </foreach>
             AND guacamole_connection_attribute.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -62,7 +62,7 @@
              JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -119,7 +119,7 @@
                         FROM guacamole_user
                     WHERE
                         <choose>
-                            <when test="caseSensitive">
+                            <when test="caseSensitivity.caseSensitiveUsernames()">
                                 POSITION(#{term.term,jdbcType=VARCHAR} IN username) > 0
                             </when>
                             <otherwise>
@@ -188,16 +188,18 @@
             <!-- Restrict to readable connections -->
             AND guacamole_connection_history.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
             <!-- Restrict to readable users -->
             AND guacamole_connection_history.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
@@ -214,7 +216,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml

@@ -83,9 +83,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -93,8 +94,9 @@
     <!-- Select identifiers of all readable connection groups -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -116,8 +118,9 @@
             <if test="parentIdentifier == null">parent_id IS NULL</if>
             AND connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
     </select>
@@ -190,8 +193,9 @@
             </foreach>
             AND guacamole_connection_group.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -204,8 +208,9 @@
             </foreach>
             AND guacamole_connection_group.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -218,8 +223,9 @@
             </foreach>
             AND guacamole_connection.connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -235,8 +241,9 @@
             </foreach>
             AND guacamole_connection_group_attribute.connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionGroupPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
             AND connection_group_id = #{identifier,jdbcType=INTEGER}::integer
@@ -74,9 +76,10 @@
         FROM guacamole_connection_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_group_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
             AND connection_id = #{identifier,jdbcType=INTEGER}::integer
@@ -74,9 +76,10 @@
         FROM guacamole_connection_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SharingProfilePermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
             AND sharing_profile_id = #{identifier,jdbcType=INTEGER}::integer
@@ -74,9 +76,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND sharing_profile_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SystemPermissionMapper.xml

@@ -39,9 +39,10 @@
         FROM guacamole_system_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -55,9 +56,10 @@
         FROM guacamole_system_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_system_permission_type
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserGroupPermissionMapper.xml

@@ -43,9 +43,10 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
 
@@ -63,13 +64,22 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
-            AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
             AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    affected_entity.name = #{identifier,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(affected_entity.name) = LOWER(#{identifier,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
 
     </select>
 
@@ -82,21 +92,34 @@
         JOIN guacamole_entity affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_group_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_group_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
-            AND affected_entity.name IN
+            AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
-                <foreach collection="identifiers" item="identifier"
+            AND
-                         open="(" separator="," close=")">
+            <choose>
-                    #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                </foreach>
+                    affected_entity.name IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(affected_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND permission IN
                 <foreach collection="permissions" item="permission"
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}::guacamole_object_permission_type
                 </foreach>
-            AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
 
     </select>
 
@@ -108,12 +131,29 @@
         WHERE
             guacamole_user_group_permission.affected_user_group_id = affected_group.user_group_id
             AND affected_group.entity_id = affected_entity.entity_id
-            AND (guacamole_user_group_permission.entity_id, permission, affected_entity.name) IN
+            AND 
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        (guacamole_user_group_permission.entity_id, permission, affected_entity.name)
+                    </when>
+                    <otherwise>
+                        (guacamole_user_group_permission.entity_id, permission, LOWER(affected_entity.name))
+                    </otherwise>
+                </choose>
+                IN
                 <foreach collection="permissions" item="permission"
                          open="(" separator="," close=")">
                     (#{permission.entityID,jdbcType=INTEGER},
                      #{permission.type,jdbcType=VARCHAR}::guacamole_object_permission_type,
-                     #{permission.objectIdentifier,jdbcType=INTEGER})
+                    <choose>
+                        <when test="caseSensitivity.caseSensitiveGroupNames()">
+                            #{permission.objectIdentifier,jdbcType=INTEGER}
+                        </when>
+                        <otherwise>
+                            LOWER(#{permission.objectIdentifier,jdbcType=INTEGER})
+                        </otherwise>
+                    </choose>
+                    )
                 </foreach>
             AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
 
@@ -140,7 +180,14 @@
             </foreach>
         AS permissions
         JOIN guacamole_entity affected_entity ON
-                affected_entity.name = permissions.affected_name
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        affected_entity.name = permissions.affected_name
+                    </when>
+                    <otherwise>
+                        LOWER(affected_entity.name) = LOWER(permissions.affected_name)
+                    </otherwise>
+                </choose>
             AND affected_entity.type = 'USER_GROUP'::guacamole_entity_type
         JOIN guacamole_user_group affected_group ON affected_group.entity_id = affected_entity.entity_id
         WHERE (permissions.entity_id, permissions.permission, affected_group.user_group_id) NOT IN (

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserPermissionMapper.xml

@@ -43,9 +43,10 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND affected_entity.type = 'USER'::guacamole_entity_type
 
@@ -63,14 +64,16 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}::guacamole_object_permission_type
+            AND affected_entity.type = 'USER'::guacamole_entity_type
             AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     affected_entity.name = #{identifier,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
@@ -78,8 +81,6 @@
                 </otherwise>
             </choose>
 
-            AND affected_entity.type = 'USER'::guacamole_entity_type
-
     </select>
 
     <!-- Select identifiers accessible by the given entity for the given permissions -->
@@ -91,13 +92,15 @@
         JOIN guacamole_entity affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="guacamole_user_permission.entity_id"/>
+                <property name="column"          value="guacamole_user_permission.entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
+            AND affected_entity.type = 'USER'::guacamole_entity_type
             AND 
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         affected_entity.name IN
                         <foreach collection="identifiers" item="identifier"
                          open="(" separator="," close=")">
@@ -117,7 +120,6 @@
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}::guacamole_object_permission_type
                 </foreach>
-            AND affected_entity.type = 'USER'::guacamole_entity_type
             
     </select>
 
@@ -129,9 +131,11 @@
         WHERE
             guacamole_user_permission.affected_user_id = affected_user.user_id
             AND affected_user.entity_id = affected_entity.entity_id
+            AND affected_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
-                    AND (guacamole_user_permission.entity_id, permission, affected_entity.name) IN
+                    (guacamole_user_permission.entity_id, permission, affected_entity.name) IN
                     <foreach collection="permissions" item="permission"
                             open="(" separator="," close=")">
                         (#{permission.entityID,jdbcType=INTEGER},
@@ -140,7 +144,7 @@
                     </foreach>
                 </when>
                 <otherwise>
-                    AND (guacamole_user_permission.entity_id, permission, LOWER(affected_entity.name)) IN
+                    (guacamole_user_permission.entity_id, permission, LOWER(affected_entity.name)) IN
                     <foreach collection="permissions" item="permission"
                              open="(" separator="," close=")">
                         (#{permission.entityID,jdbcType=INTEGER},
@@ -149,7 +153,6 @@
                     </foreach>
                 </otherwise>
             </choose>
-            AND affected_entity.type = 'USER'::guacamole_entity_type
 
     </delete>
 
@@ -174,15 +177,16 @@
             </foreach>
         AS permissions
         JOIN guacamole_entity affected_entity ON
+            affected_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     affected_entity.name = permissions.affected_name
                 </when>
                 <otherwise>
                     LOWER(affected_entity.name) = LOWER(permissions.affected_name)
                 </otherwise>
             </choose>
-            AND affected_entity.type = 'USER'::guacamole_entity_type
         JOIN guacamole_user affected_user ON affected_user.entity_id = affected_entity.entity_id
         WHERE (permissions.entity_id, permissions.permission, affected_user.user_id) NOT IN (
             SELECT

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml

@@ -66,9 +66,10 @@
         FROM guacamole_sharing_profile_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -76,8 +77,9 @@
     <!-- Select identifiers of all readable sharing profiles -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -125,8 +127,9 @@
             </foreach>
             AND guacamole_sharing_profile.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -142,8 +145,9 @@
             </foreach>
             AND guacamole_sharing_profile_attribute.sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/user/PasswordRecordMapper.xml

@@ -44,7 +44,7 @@
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserMapper.xml

@@ -82,9 +82,10 @@
         FROM guacamole_user_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -94,14 +95,14 @@
         SELECT guacamole_entity.name
         FROM guacamole_user
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
-            guacamole_user.user_id IN (
+            AND guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
     </select>
 
     <!-- Select multiple users by username -->
@@ -130,9 +131,10 @@
         FROM guacamole_user
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -143,7 +145,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -151,7 +153,6 @@
                     </otherwise>
                 </choose>
             </foreach>    
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
         GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
 
         SELECT
@@ -161,9 +162,10 @@
         FROM guacamole_user_attribute
         JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
-        WHERE 
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -174,7 +176,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -182,7 +184,7 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type;
+            ;
 
     </select>
 
@@ -212,9 +214,10 @@
         FROM guacamole_user
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
-        WHERE 
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -225,7 +228,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -233,11 +236,11 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
             AND guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
         GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
@@ -249,9 +252,10 @@
         FROM guacamole_user_attribute
         JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
-        WHERE 
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -262,7 +266,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -270,11 +274,11 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
             AND guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -306,16 +310,16 @@
         FROM guacamole_user
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
         LEFT JOIN guacamole_user_history ON guacamole_user_history.user_id = guacamole_user.user_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER(guacamole_entity.name) = LOWER(#{username,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
         GROUP BY guacamole_user.user_id, guacamole_entity.entity_id;
 
         SELECT
@@ -325,31 +329,31 @@
         FROM guacamole_user_attribute
         JOIN guacamole_user ON guacamole_user.user_id = guacamole_user_attribute.user_id
         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER(guacamole_entity.name) = LOWER(#{username,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND guacamole_entity.type = 'USER'::guacamole_entity_type
     </select>
 
     <!-- Delete single user by username -->
     <delete id="delete">
         DELETE FROM guacamole_entity
-        WHERE
+        WHERE type = 'USER'::guacamole_entity_type
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     name = #{identifier,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER(name) = LOWER(#{identifier,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND type = 'USER'::guacamole_entity_type
     </delete>
 
     <!-- Insert single user -->

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserParentUserGroupMapper.xml

@@ -43,8 +43,9 @@
         WHERE
             guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.member_entity_id = #{parent.entityID,jdbcType=INTEGER}
@@ -60,11 +61,24 @@
             AND guacamole_user_group.user_group_id = guacamole_user_group_member.user_group_id
             AND guacamole_entity.entity_id = guacamole_user_group.entity_id
             AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            AND guacamole_entity.name IN
+            AND 
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+        
     </delete>
 
     <!-- Insert parent groups by name -->
@@ -78,13 +92,25 @@
             #{parent.entityID,jdbcType=INTEGER}
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_entity.name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
             AND guacamole_user_group.user_group_id NOT IN (
                 SELECT guacamole_user_group_member.user_group_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserRecordMapper.xml

@@ -50,7 +50,7 @@
              JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -89,7 +89,7 @@
             
             <if test="identifier != null">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_user_history.username = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -107,7 +107,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>
@@ -161,15 +161,16 @@
             <!-- Restrict to readable users -->
             guacamole_connection_history.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
             <if test="identifier != null">
                 AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         guacamole_entity.name = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -187,7 +188,7 @@
                         JOIN guacamole_entity ON guacamole_user.entity_id = guacamole_entity.entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     POSITION(#{term.term,jdbcType=VARCHAR} IN guacamole_entity.name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMapper.xml

@@ -68,9 +68,10 @@
         FROM guacamole_user_group_permission
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -80,14 +81,14 @@
         SELECT guacamole_entity.name
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_user_group.user_group_id IN (
+            AND guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
     </select>
 
     <!-- Select multiple groups by name -->
@@ -101,12 +102,25 @@
             disabled
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            <foreach collection="identifiers" item="identifier"
+            AND 
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    guacamole_entity.name IN
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type;
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            ;
 
         SELECT
             guacamole_user_group_attribute.user_group_id,
@@ -115,12 +129,25 @@
         FROM guacamole_user_group_attribute
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    guacamole_entity.name IN
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type;
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            ;
 
     </select>
 
@@ -135,16 +162,29 @@
             disabled
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    guacamole_entity.name IN
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -155,16 +195,29 @@
         FROM guacamole_user_group_attribute
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE guacamole_entity.name IN
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    guacamole_entity.name IN
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND  guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -181,9 +234,17 @@
             disabled
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_entity.name = #{name,jdbcType=VARCHAR}
+            AND
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type;
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
+            ;
 
         SELECT
             guacamole_user_group_attribute.user_group_id,
@@ -192,18 +253,34 @@
         FROM guacamole_user_group_attribute
         JOIN guacamole_user_group ON guacamole_user_group.user_group_id = guacamole_user_group_attribute.user_group_id
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_entity.name = #{name,jdbcType=VARCHAR}
+            AND
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    guacamole_entity.name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
+            ; 
 
     </select>
 
     <!-- Delete single group by name -->
     <delete id="delete">
         DELETE FROM guacamole_entity
-        WHERE
+        WHERE type = 'USER_GROUP'::guacamole_entity_type
-            name = #{identifier,jdbcType=VARCHAR}
+            AND
-            AND type = 'USER_GROUP'::guacamole_entity_type
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    name = #{identifier,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(name) = LOWER(#{identifier,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
+            
     </delete>
 
     <!-- Insert single group -->

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserGroupMapper.xml

@@ -42,8 +42,9 @@
         WHERE
             guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.user_group_id = #{parent.objectID,jdbcType=INTEGER}
@@ -58,11 +59,24 @@
             user_group_id = #{parent.objectID,jdbcType=INTEGER}
             AND guacamole_entity.entity_id = member_entity_id
             AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            AND guacamole_entity.name IN
+            AND 
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+        
     </delete>
 
     <!-- Insert member groups by name -->
@@ -75,13 +89,24 @@
             #{parent.objectID,jdbcType=INTEGER},
             guacamole_entity.entity_id
         FROM guacamole_entity
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_entity.name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+                             open="(" separator="," close=")">
+                        #{identifier}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier})
+                    </foreach>
+                </otherwise>
+            </choose> 
             AND guacamole_entity.entity_id NOT IN (
                 SELECT guacamole_user_group_member.member_entity_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserMapper.xml

@@ -42,8 +42,9 @@
         WHERE
             guacamole_user.user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.user_group_id = #{parent.objectID,jdbcType=INTEGER}
@@ -60,7 +61,7 @@
             AND guacamole_entity.type = 'USER'::guacamole_entity_type
             AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -71,7 +72,7 @@
             <foreach collection="children" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -93,7 +94,7 @@
         FROM guacamole_entity
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     guacamole_entity.name
                 </when>
                 <otherwise>
@@ -104,7 +105,7 @@
             <foreach collection="children" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier}
                     </when>
                     <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupParentUserGroupMapper.xml

@@ -43,8 +43,9 @@
         WHERE
             guacamole_user_group.user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND guacamole_user_group_member.member_entity_id = #{parent.entityID,jdbcType=INTEGER}
@@ -60,11 +61,24 @@
             AND guacamole_user_group.user_group_id = guacamole_user_group_member.user_group_id
             AND guacamole_entity.entity_id = guacamole_user_group.entity_id
             AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            AND guacamole_entity.name IN
+            AND 
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+                
     </delete>
 
     <!-- Insert parent groups by name -->
@@ -78,13 +92,24 @@
             #{parent.entityID,jdbcType=INTEGER}
         FROM guacamole_user_group
         JOIN guacamole_entity ON guacamole_user_group.entity_id = guacamole_entity.entity_id
-        WHERE
+        WHERE guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
-            guacamole_entity.name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    guacamole_entity.name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
-            AND guacamole_entity.type = 'USER_GROUP'::guacamole_entity_type
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach> 
+                </when>
+                <otherwise>
+                    LOWER(guacamole_entity.name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach> 
+                </otherwise>
+            </choose>
             AND guacamole_user_group.user_group_id NOT IN (
                 SELECT guacamole_user_group_member.user_group_id
                 FROM guacamole_user_group_member

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/java/org/apache/guacamole/auth/sqlserver/SQLServerAuthenticationProviderModule.java

@@ -27,6 +27,7 @@ import java.util.Properties;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.auth.sqlserver.conf.SQLServerDriver;
 import org.apache.guacamole.auth.sqlserver.conf.SQLServerEnvironment;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.mybatis.guice.datasource.helper.JdbcHelper;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -96,8 +97,8 @@ public class SQLServerAuthenticationProviderModule implements Module {
         // Capture which driver to use for the connection.
         this.sqlServerDriver = environment.getSQLServerDriver();
         
-        // Check for case-sensitivity and warn admin.
+        // Check for case sensitivity and warn admin.
-        if (environment.getCaseSensitiveUsernames())
+        if (environment.getCaseSensitivity() != CaseSensitivity.DISABLED)
             LOGGER.warn("The SQL Server module is currently configured to support "
                     + "case-sensitive username comparisons, however, the default "
                     + "collations for SQL Server databases do not support "

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/base/EntityMapper.xml

@@ -51,11 +51,23 @@
                     JOIN [guacamole_user_group] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
                     WHERE
                         type = 'USER_GROUP'
-                        AND name IN
+                        AND 
-                            <foreach collection="${groups}" item="effectiveGroup"
+                        <choose>
-                                     open="(" separator="," close=")">
+                            <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                #{effectiveGroup,jdbcType=VARCHAR}
+                                name IN
-                            </foreach>
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                </foreach>
+                            </when>
+                            <otherwise>
+                                LOWER(name) IN
+                                <foreach collection="${groups}" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                </foreach>
+                            </otherwise>
+                        </choose>
                         AND disabled = 0
                 )
             </if>
@@ -83,11 +95,23 @@
                     JOIN [guacamole_user_group] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
                     WHERE
                         type = 'USER_GROUP'
-                        AND name IN
+                        AND 
-                            <foreach collection="effectiveGroups" item="effectiveGroup"
+                        <choose>
-                                     open="(" separator="," close=")">
+                            <when test="caseSensitivity.caseSensitiveGroupNames()">
-                                #{effectiveGroup,jdbcType=VARCHAR}
+                                name IN
-                            </foreach>
+                                <foreach collection="effectiveGroups" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    #{effectiveGroup,jdbcType=VARCHAR}
+                                </foreach>
+                            </when>
+                            <otherwise>
+                                LOWER(name) IN
+                                <foreach collection="effectiveGroups" item="effectiveGroup"
+                                         open="(" separator="," close=")">
+                                    LOWER(#{effectiveGroup,jdbcType=VARCHAR})
+                                </foreach>
+                            </otherwise>
+                        </choose>
                         AND [guacamole_user_group].disabled = 0
             </if>
             UNION ALL

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionMapper.xml

@@ -82,9 +82,10 @@
         FROM [guacamole_connection_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -92,8 +93,9 @@
     <!-- Select identifiers of all readable connections -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -115,8 +117,9 @@
             <if test="parentIdentifier == null">parent_id IS NULL</if>
             AND connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
     </select>
@@ -199,8 +202,9 @@
             </foreach>
             AND [guacamole_connection].connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -213,8 +217,9 @@
             </foreach>
             AND [guacamole_sharing_profile].sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -230,8 +235,9 @@
             </foreach>
             AND [guacamole_connection_attribute].connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connection/ConnectionRecordMapper.xml

@@ -69,7 +69,7 @@
              JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         [guacamole_entity].name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -119,7 +119,7 @@
                         FROM [guacamole_user]
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     CHARINDEX(#{term.term,jdbcType=VARCHAR} IN username) > 0
                                 </when>
                                 <otherwise>
@@ -186,16 +186,18 @@
             <!-- Restrict to readable connections -->
             AND [guacamole_connection_history].connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
             <!-- Restrict to readable users -->
             AND [guacamole_connection_history].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
 
@@ -212,7 +214,7 @@
                         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
                         WHERE
                             <choose>
-                                <hen test="caseSensitive">
+                                <hen test="caseSensitivity.caseSensitiveUsernames()">
                                     CHARINDEX(#{term.term,jdbcType=VARCHAR} IN [guacamole_entity].name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/connectiongroup/ConnectionGroupMapper.xml

@@ -83,9 +83,10 @@
         FROM [guacamole_connection_group_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -93,8 +94,9 @@
     <!-- Select identifiers of all readable connection groups -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -116,8 +118,9 @@
             <if test="parentIdentifier == null">parent_id IS NULL</if>
             AND connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
     </select>
@@ -190,8 +193,9 @@
             </foreach>
             AND [guacamole_connection_group].connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -204,8 +208,9 @@
             </foreach>
             AND [guacamole_connection_group].connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -218,8 +223,9 @@
             </foreach>
             AND [guacamole_connection].connection_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connection.ConnectionMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -235,8 +241,9 @@
             </foreach>
             AND [guacamole_connection_group_attribute].connection_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.connectiongroup.ConnectionGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionGroupPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM [guacamole_connection_group_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM [guacamole_connection_group_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND connection_group_id = #{identifier,jdbcType=INTEGER}
@@ -74,9 +76,10 @@
         FROM [guacamole_connection_group_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_group_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/ConnectionPermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM [guacamole_connection_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM [guacamole_connection_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND connection_id = #{identifier,jdbcType=INTEGER}
@@ -74,9 +76,10 @@
         FROM [guacamole_connection_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND connection_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SharingProfilePermissionMapper.xml

@@ -41,9 +41,10 @@
         FROM [guacamole_sharing_profile_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -58,9 +59,10 @@
         FROM [guacamole_sharing_profile_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
             AND sharing_profile_id = #{identifier,jdbcType=INTEGER}
@@ -74,9 +76,10 @@
         FROM [guacamole_sharing_profile_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND sharing_profile_id IN
                 <foreach collection="identifiers" item="identifier"

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/SystemPermissionMapper.xml

@@ -39,9 +39,10 @@
         FROM [guacamole_system_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
 
     </select>
@@ -55,9 +56,10 @@
         FROM [guacamole_system_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = #{type,jdbcType=VARCHAR}
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserGroupPermissionMapper.xml

@@ -43,9 +43,10 @@
         JOIN [guacamole_entity] affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_group_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_group_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND affected_entity.type = 'USER_GROUP'
 
@@ -63,13 +64,22 @@
         JOIN [guacamole_entity] affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_group_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_group_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
-            AND permission = #{type,jdbcType=VARCHAR}
-            AND affected_entity.name = #{identifier,jdbcType=VARCHAR}
             AND affected_entity.type = 'USER_GROUP'
+            AND permission = #{type,jdbcType=VARCHAR}
+            AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    affected_entity.name = #{identifier,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER(affected_entity.name) = LOWER(#{identifier,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
 
     </select>
 
@@ -82,21 +92,34 @@
         JOIN [guacamole_entity] affected_entity ON affected_group.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_group_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_group_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
-            AND affected_entity.name IN
+            AND affected_entity.type = 'USER_GROUP'
-                <foreach collection="identifiers" item="identifier"
+            AND 
-                         open="(" separator="," close=")">
+            <choose>
-                    #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                </foreach>
+                    affected_entity.name IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER(affected_entity.name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND permission IN
                 <foreach collection="permissions" item="permission"
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}
                 </foreach>
-            AND affected_entity.type = 'USER_GROUP'
             
     </select>
 
@@ -112,8 +135,16 @@
                      open="(" separator=" OR " close=")">
                 ([guacamole_user_group_permission].entity_id = #{permission.entityID,jdbcType=INTEGER} AND
                  permission = #{permission.type,jdbcType=VARCHAR} AND
-                 affected_entity.name = #{permission.objectIdentifier,jdbcType=VARCHAR} AND
+                 affected_entity.type = 'USER_GROUP'
-                 affected_entity.type = 'USER_GROUP')
+                <choose>
+                    <when test="caseSensitivity.caseSensitiveGroupNames()">
+                        affected_entity.name = #{permission.objectIdentifier,jdbcType=VARCHAR}
+                    </when>
+                    <otherwise>
+                        LOWER(affected_entity.name) = LOWER(#{permission.objectIdentifier,jdbcType=VARCHAR})
+                    </otherwise>
+                </choose>
+                )
             </foreach>
 
     </delete>
@@ -139,8 +170,16 @@
             </foreach>
         AS permissions
         JOIN [guacamole_entity] affected_entity ON
-                affected_entity.name = permissions.affected_name
+                affected_entity.type = 'USER_GROUP'
-            AND affected_entity.type = 'USER_GROUP'
+                AND
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    affected_entity.name = permissions.affected_name
+                </when>
+                <test>
+                    LOWER(affected_entity.name) = LOWER(permissions.affected_name)
+                </test>
+            </choose>
         JOIN [guacamole_user_group] affected_group ON affected_group.entity_id = affected_entity.entity_id
         WHERE NOT EXISTS (SELECT 1 FROM [guacamole_user_group_permission]
             WHERE [guacamole_user_group_permission].entity_id = permissions.entity_id

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/permission/UserPermissionMapper.xml

@@ -42,12 +42,14 @@
         JOIN [guacamole_user] affected_user ON [guacamole_user_permission].affected_user_id = affected_user.user_id
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
+            affected_entity.type = 'USER'
+            AND
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include> 
-            AND affected_entity.type = 'USER'
 
     </select>
 
@@ -63,21 +65,22 @@
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
+            AND affected_entity.type = 'USER'
             AND permission = #{type,jdbcType=VARCHAR}
             AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         affected_entity.name = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
                         LOWER(affected_entity.name) = LOWER(#{identifier,jdbcType=VARCHAR})
                     </otherwise>
                 </choose>
-            AND affected_entity.type = 'USER'
 
     </select>
 
@@ -90,13 +93,15 @@
         JOIN [guacamole_entity] affected_entity ON affected_user.entity_id = affected_entity.entity_id
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="[guacamole_user_permission].entity_id"/>
+                <property name="column"          value="[guacamole_user_permission].entity_id"/>
-                <property name="entityID" value="#{entity.entityID,jdbcType=INTEGER}"/>
+                <property name="entityID"        value="#{entity.entityID,jdbcType=INTEGER}"/>
-                <property name="groups"   value="effectiveGroups"/>
+                <property name="groups"          value="effectiveGroups"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
+            AND affected_entity.type = 'USER'
             AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         affected_entity.name IN
                         <foreach collection="identifiers" item="identifier"
                          open="(" separator="," close=")">
@@ -116,7 +121,6 @@
                          open="(" separator="," close=")">
                     #{permission,jdbcType=VARCHAR}
                 </foreach>
-            AND affected_entity.type = 'USER'
             
     </select>
 
@@ -133,7 +137,7 @@
                 ([guacamole_user_permission].entity_id = #{permission.entityID,jdbcType=INTEGER} AND
                  permission = #{permission.type,jdbcType=VARCHAR} AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         affected_entity.name = #{permission.objectIdentifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -167,15 +171,16 @@
             </foreach>
         AS permissions
         JOIN [guacamole_entity] affected_entity ON
+            affected_entity.type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     affected_entity.name = permissions.affected_name
                 </when>
                 <otherwise>
                     LOWER(affected_entity.name) = LOWER(permissions.affected_name)
                 </otherwise>
             </choose> 
-            AND affected_entity.type = 'USER'
         JOIN [guacamole_user] affected_user ON affected_user.entity_id = affected_entity.entity_id
         WHERE NOT EXISTS (SELECT 1 FROM [guacamole_user_permission]
             WHERE [guacamole_user_permission].entity_id = permissions.entity_id

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/sharingprofile/SharingProfileMapper.xml

@@ -66,9 +66,10 @@
         FROM [guacamole_sharing_profile_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -76,8 +77,9 @@
     <!-- Select identifiers of all readable sharing profiles -->
     <select id="selectReadableIdentifiers" resultType="string">
         <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-            <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+            <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-            <property name="groups"   value="effectiveGroups"/>
+            <property name="groups"          value="effectiveGroups"/>
+            <property name="caseSensitivity" value="${caseSensitivity}"/>
         </include>
     </select>
 
@@ -125,8 +127,9 @@
             </foreach>
             AND [guacamole_sharing_profile].sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -142,8 +145,9 @@
             </foreach>
             AND [guacamole_sharing_profile_attribute].sharing_profile_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.sharingprofile.SharingProfileMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/user/PasswordRecordMapper.xml

@@ -44,7 +44,7 @@
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserMapper.xml

@@ -82,9 +82,10 @@
         FROM [guacamole_user_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -97,8 +98,9 @@
         WHERE
             [guacamole_user].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND [guacamole_entity].type = 'USER'
@@ -134,8 +136,10 @@
         FROM [guacamole_user]
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -146,7 +150,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -154,7 +158,7 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND [guacamole_entity].type = 'USER';
+            ;
 
         SELECT
             [guacamole_user_attribute].user_id,
@@ -164,8 +168,10 @@
         JOIN [guacamole_user] ON [guacamole_user].user_id = [guacamole_user_attribute].user_id
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -176,7 +182,7 @@
             <foreach collection="identifiers" item="identifier"
                     open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -184,7 +190,7 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND [guacamole_entity].type = 'USER';
+            ;
 
     </select>
 
@@ -218,8 +224,10 @@
         FROM [guacamole_user]
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -230,7 +238,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -238,7 +246,6 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND [guacamole_entity].type = 'USER'
             AND [guacamole_user].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
                     <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
@@ -254,8 +261,10 @@
         JOIN [guacamole_user] ON [guacamole_user].user_id = [guacamole_user_attribute].user_id
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -266,7 +275,7 @@
             <foreach collection="identifiers" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -274,11 +283,11 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND [guacamole_entity].type = 'USER'
             AND [guacamole_user].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -314,15 +323,17 @@
         FROM [guacamole_user]
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER([guacamole_entity].name) = LOWER(#{username,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND [guacamole_entity].type = 'USER';
+            ;
 
         SELECT
             [guacamole_user_attribute].user_id,
@@ -332,15 +343,16 @@
         JOIN [guacamole_user] ON [guacamole_user].user_id = [guacamole_user_attribute].user_id
         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
         WHERE
+            [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name = #{username,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER([guacamole_entity].name) = LOWER(#{username,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND [guacamole_entity].type = 'USER'
 
     </select>
 
@@ -348,15 +360,16 @@
     <delete id="delete">
         DELETE FROM [guacamole_entity]
         WHERE
+            type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     name = #{identifier,jdbcType=VARCHAR}
                 </when>
                 <otherwise>
                     LOWER(name) = LOWER(#{identifier,jdbcType=VARCHAR})
                 </otherwise>
             </choose>
-            AND type = 'USER'
     </delete>
 
     <!-- Insert single user -->

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserParentUserGroupMapper.xml

@@ -43,8 +43,9 @@
         WHERE
             [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND [guacamole_user_group_member].member_entity_id = #{parent.entityID,jdbcType=INTEGER}
@@ -60,11 +61,24 @@
         WHERE
             member_entity_id = #{parent.entityID,jdbcType=INTEGER}
             AND [guacamole_entity].type = 'USER_GROUP'
-            AND [guacamole_entity].name IN
+            AND 
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    [guacamole_entity].name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+
     </delete>
 
     <!-- Insert parent groups by name -->
@@ -79,12 +93,25 @@
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
         WHERE
-            [guacamole_entity].name IN
+            [guacamole_entity].type = 'USER_GROUP'
-                <foreach collection="children" item="identifier"
+            AND
-                         open="(" separator="," close=")">
+            <choose>
-                    #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                </foreach>
+                    [guacamole_entity].name IN
-            AND [guacamole_entity].type = 'USER_GROUP'
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
             AND [guacamole_user_group].user_group_id NOT IN (
                 SELECT [guacamole_user_group_member].user_group_id
                 FROM [guacamole_user_group_member]

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/user/UserRecordMapper.xml

@@ -50,7 +50,7 @@
              JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
              WHERE
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         [guacamole_entity].name = #{record.username,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -89,7 +89,7 @@
             
             <if test="identifier != null">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         [guacamole_user_history].username = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -107,7 +107,7 @@
                         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     CHARINDEX(#{term.term,jdbcType=VARCHAR} IN [guacamole_entity].name) > 0
                                 </when>
                                 <otherwise>
@@ -159,15 +159,16 @@
             <!-- Restrict to readable users -->
             [guacamole_connection_history].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             
             <if test="identifier != null">
                 AND
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         [guacamole_entity].name = #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -185,7 +186,7 @@
                         JOIN [guacamole_entity] ON [guacamole_user].entity_id = [guacamole_entity].entity_id
                         WHERE
                             <choose>
-                                <when test="caseSensitive">
+                                <when test="caseSensitivity.caseSensitiveUsernames()">
                                     CHARINDEX(#{term.term,jdbcType=VARCHAR} IN [guacamole_entity].name) > 0
                                 </when>
                                 <otherwise>

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMapper.xml

@@ -68,9 +68,10 @@
         FROM [guacamole_user_group_permission]
         WHERE
             <include refid="org.apache.guacamole.auth.jdbc.base.EntityMapper.isRelatedEntity">
-                <property name="column"   value="entity_id"/>
+                <property name="column"          value="entity_id"/>
-                <property name="entityID" value="${entityID}"/>
+                <property name="entityID"        value="${entityID}"/>
-                <property name="groups"   value="${groups}"/>
+                <property name="groups"          value="${groups}"/>
+                <property name="caseSensitivity" value="${caseSensitivity}"/>
             </include>
             AND permission = 'READ'
     </sql>
@@ -81,13 +82,14 @@
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
         WHERE
-            [guacamole_user_group].user_group_id IN (
+            [guacamole_entity].type = 'USER_GROUP'
+            AND [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             ) 
-            AND [guacamole_entity].type = 'USER_GROUP'
     </select>
 
     <!-- Select multiple groups by name -->
@@ -101,12 +103,26 @@
             disabled
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE [guacamole_entity].name IN
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            <foreach collection="identifiers" item="identifier"
+            AND 
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    [guacamole_entity].name IN
-            AND [guacamole_entity].type = 'USER_GROUP';
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
+            ;
 
         SELECT
             [guacamole_user_group_attribute].user_group_id,
@@ -115,12 +131,26 @@
         FROM [guacamole_user_group_attribute]
         JOIN [guacamole_user_group] ON [guacamole_user_group].user_group_id = [guacamole_user_group_attribute].user_group_id
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE [guacamole_entity].name IN
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    [guacamole_entity].name IN
-            AND [guacamole_entity].type = 'USER_GROUP';
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
+            ;
 
     </select>
 
@@ -135,16 +165,29 @@
             disabled
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE [guacamole_entity].name IN
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    [guacamole_entity].name IN
-            AND [guacamole_entity].type = 'USER_GROUP'
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -155,16 +198,29 @@
         FROM [guacamole_user_group_attribute]
         JOIN [guacamole_user_group] ON [guacamole_user_group].user_group_id = [guacamole_user_group_attribute].user_group_id
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE [guacamole_entity].name IN
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            <foreach collection="identifiers" item="identifier"
+            AND
-                     open="(" separator="," close=")">
+            <choose>
-                #{identifier,jdbcType=VARCHAR}
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-            </foreach>
+                    [guacamole_entity].name IN
-            AND [guacamole_entity].type = 'USER_GROUP'
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="identifiers" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND  [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             );
 
@@ -181,9 +237,17 @@
             disabled
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            [guacamole_entity].name = #{name,jdbcType=VARCHAR}
+            AND
-            AND [guacamole_entity].type = 'USER_GROUP';
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    [guacamole_entity].name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
+            ;
 
         SELECT
             [guacamole_user_group_attribute].user_group_id,
@@ -192,9 +256,16 @@
         FROM [guacamole_user_group_attribute]
         JOIN [guacamole_user_group] ON [guacamole_user_group].user_group_id = [guacamole_user_group_attribute].user_group_id
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            [guacamole_entity].name = #{name,jdbcType=VARCHAR}
+            AND
-            AND [guacamole_entity].type = 'USER_GROUP'
+            <choose>
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
+                    [guacamole_entity].name = #{name,jdbcType=VARCHAR}
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) = LOWER(#{name,jdbcType=VARCHAR})
+                </otherwise>
+            </choose>
 
     </select>
 

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserGroupMapper.xml

@@ -42,8 +42,9 @@
         WHERE
             [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND [guacamole_user_group_member].user_group_id = #{parent.objectID,jdbcType=INTEGER}
@@ -58,11 +59,24 @@
         WHERE
             user_group_id = #{parent.objectID,jdbcType=INTEGER}
             AND [guacamole_entity].type = 'USER_GROUP'
-            AND [guacamole_entity].name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    [guacamole_entity].name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
     </delete>
 
     <!-- Insert member groups by name -->
@@ -75,13 +89,25 @@
             #{parent.objectID,jdbcType=INTEGER},
             [guacamole_entity].entity_id
         FROM [guacamole_entity]
-        WHERE
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            [guacamole_entity].name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier}
+                    [guacamole_entity].name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
-            AND [guacamole_entity].type = 'USER_GROUP'
+                             open="(" separator="," close=")">
+                        #{identifier}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier})
+                    </foreach>
+                </otherwise>
+            </choose>
+            
             AND [guacamole_entity].entity_id NOT IN (
                 SELECT [guacamole_user_group_member].member_entity_id
                 FROM [guacamole_user_group_member]

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupMemberUserMapper.xml

@@ -42,8 +42,9 @@
         WHERE
             [guacamole_user].user_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.user.UserMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND [guacamole_user_group_member].user_group_id = #{parent.objectID,jdbcType=INTEGER}
@@ -60,7 +61,7 @@
             AND [guacamole_entity].type = 'USER'
             AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -71,7 +72,7 @@
             <foreach collection="children" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier,jdbcType=VARCHAR}
                     </when>
                     <otherwise>
@@ -91,9 +92,10 @@
             #{parent.objectID,jdbcType=INTEGER},
             [guacamole_entity].entity_id
         FROM [guacamole_entity]
-        WHERE
+        WHERE [guacamole_entity].type = 'USER'
+            AND
             <choose>
-                <when test="caseSensitive">
+                <when test="caseSensitivity.caseSensitiveUsernames()">
                     [guacamole_entity].name
                 </when>
                 <otherwise>
@@ -104,7 +106,7 @@
             <foreach collection="children" item="identifier"
                      open="(" separator="," close=")">
                 <choose>
-                    <when test="caseSensitive">
+                    <when test="caseSensitivity.caseSensitiveUsernames()">
                         #{identifier}
                     </when>
                     <otherwise>
@@ -112,7 +114,6 @@
                     </otherwise>
                 </choose>
             </foreach>
-            AND [guacamole_entity].type = 'USER'
             AND [guacamole_entity].entity_id NOT IN (
                 SELECT [guacamole_user_group_member].member_entity_id
                 FROM [guacamole_user_group_member]

extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-sqlserver/src/main/resources/org/apache/guacamole/auth/jdbc/usergroup/UserGroupParentUserGroupMapper.xml

@@ -43,8 +43,9 @@
         WHERE
             [guacamole_user_group].user_group_id IN (
                 <include refid="org.apache.guacamole.auth.jdbc.usergroup.UserGroupMapper.getReadableIDs">
-                    <property name="entityID" value="#{user.entityID,jdbcType=INTEGER}"/>
+                    <property name="entityID"        value="#{user.entityID,jdbcType=INTEGER}"/>
-                    <property name="groups"   value="effectiveGroups"/>
+                    <property name="groups"          value="effectiveGroups"/>
+                    <property name="caseSensitivity" value="${caseSensitivity}"/>
                 </include>
             )
             AND [guacamole_user_group_member].member_entity_id = #{parent.entityID,jdbcType=INTEGER}
@@ -60,11 +61,24 @@
         WHERE
             member_entity_id = #{parent.entityID,jdbcType=INTEGER}
             AND [guacamole_entity].type = 'USER_GROUP'
-            AND [guacamole_entity].name IN
+            AND 
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    [guacamole_entity].name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
+                
     </delete>
 
     <!-- Insert parent groups by name -->
@@ -78,13 +92,24 @@
             #{parent.entityID,jdbcType=INTEGER}
         FROM [guacamole_user_group]
         JOIN [guacamole_entity] ON [guacamole_user_group].entity_id = [guacamole_entity].entity_id
-        WHERE
+        WHERE [guacamole_entity].type = 'USER_GROUP'
-            [guacamole_entity].name IN
+            AND
-                <foreach collection="children" item="identifier"
+            <choose>
-                         open="(" separator="," close=")">
+                <when test="caseSensitivity.caseSensitiveGroupNames()">
-                    #{identifier,jdbcType=VARCHAR}
+                    [guacamole_entity].name IN
-                </foreach>
+                    <foreach collection="children" item="identifier"
-            AND [guacamole_entity].type = 'USER_GROUP'
+                             open="(" separator="," close=")">
+                        #{identifier,jdbcType=VARCHAR}
+                    </foreach>
+                </when>
+                <otherwise>
+                    LOWER([guacamole_entity].name) IN
+                    <foreach collection="children" item="identifier"
+                             open="(" separator="," close=")">
+                        LOWER(#{identifier,jdbcType=VARCHAR})
+                    </foreach>
+                </otherwise>
+            </choose>
             AND [guacamole_user_group].user_group_id NOT IN (
                 SELECT [guacamole_user_group_member].user_group_id
                 FROM [guacamole_user_group_member]

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/conf/JacksonLDAPConfiguration.java

@@ -204,13 +204,6 @@ public class JacksonLDAPConfiguration implements LDAPConfiguration {
     @JsonProperty("member-attribute-type")
     private String memberAttributeType;
 
-    /**
-     * The raw YAML value of {@link LDAPGuacamoleProperties#LDAP_USERNAMES_CASE_SENSITIVE}.
-     * If not set within the YAML, this will currently default to true.
-     */
-    @JsonProperty("case-sensitive-usernames")
-    private String caseSensitiveUsernames;
-
     /**
      * The default configuration options for all parameters.
      */

guacamole-ext/src/main/java/org/apache/guacamole/environment/DelegatingEnvironment.java

@@ -24,6 +24,7 @@ import java.util.Collection;
 import java.util.Map;
 import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.net.auth.GuacamoleProxyConfiguration;
+import org.apache.guacamole.properties.CaseSensitivity;
 import org.apache.guacamole.properties.GuacamoleProperties;
 import org.apache.guacamole.properties.GuacamoleProperty;
 import org.apache.guacamole.protocols.ProtocolInfo;
@@ -115,8 +116,8 @@ public class DelegatingEnvironment implements Environment {
     }
     
     @Override
-    public boolean getCaseSensitiveUsernames() throws GuacamoleException {
+    public CaseSensitivity getCaseSensitivity() throws GuacamoleException {
-        return environment.getCaseSensitiveUsernames();
+        return environment.getCaseSensitivity();
     }
 
 }

guacamole-ext/src/main/java/org/apache/guacamole/environment/Environment.java

@@ -28,6 +28,8 @@ import org.apache.guacamole.GuacamoleException;
 import org.apache.guacamole.GuacamoleUnsupportedException;
 import org.apache.guacamole.net.auth.GuacamoleProxyConfiguration;
 import org.apache.guacamole.properties.BooleanGuacamoleProperty;
+import org.apache.guacamole.properties.CaseSensitivity;
+import org.apache.guacamole.properties.EnumGuacamoleProperty;
 import org.apache.guacamole.properties.GuacamoleProperty;
 import org.apache.guacamole.properties.IntegerGuacamoleProperty;
 import org.apache.guacamole.properties.StringGuacamoleProperty;
@@ -71,14 +73,15 @@ public interface Environment {
     };
     
     /**
-     * A property that configures whether or not Guacamole will take case
+     * A property that configures how Guacamole handles case sensitivity - it
-     * into account when comparing and processing usernames.
+     * can be enabled for both usernames and group names, just usernames, just
+     * group names, or disabled for both.
      */
-    public static final BooleanGuacamoleProperty CASE_SENSITIVE_USERNAMES =
+    public static final EnumGuacamoleProperty<CaseSensitivity> CASE_SENSITIVITY =
-            new BooleanGuacamoleProperty() {
+            new EnumGuacamoleProperty<CaseSensitivity>(CaseSensitivity.class) {
     
         @Override
-        public String getName() { return "case-sensitive-usernames"; }
+        public String getName() { return "case-sensitivity"; }
                 
     };
 
@@ -381,21 +384,19 @@ public interface Environment {
     }
     
     /**
-     * Returns true if Guacamole should consider case when comparing and
+     * Returns the case sensitivity configuration for Guacamole as defined
-     * processing usernames (case-sensitive), or false if case should not be
+     * in guacamole.properties, or the default of enabling case sensitivity
-     * considered (case-insensitive). Because the past behavior of Guacamole,
+     * for both usernames and group names.
-     * prior to the introduction of this option, was case-sensitive, the default
-     * value is true.
      * 
      * @return
-     *     true if Guacamole should consider usernames case-sensitive, otherwise
+     *     The case sensitivity setting as configured in guacamole.properties,
-     *     false.
+     *     or the default of enabling case sensitivity.
      * 
      * @throws GuacamoleException 
-     *     If guacamole.properties cannot be parsed.
+     *     If guacamole.properties cannot be read or parsed.
      */
-    public default boolean getCaseSensitiveUsernames() throws GuacamoleException {
+    public default CaseSensitivity getCaseSensitivity() throws GuacamoleException {
-        return getProperty(CASE_SENSITIVE_USERNAMES, true);
+        return getProperty(CASE_SENSITIVITY, CaseSensitivity.ENABLED);
     }
 
 }

guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractAuthenticatedUser.java

@@ -55,14 +55,14 @@ public abstract class AbstractAuthenticatedUser extends AbstractIdentifiable
     @Override
     public boolean isCaseSensitive() {
         try {
-            return environment.getCaseSensitiveUsernames();
+            return environment.getCaseSensitivity().caseSensitiveUsernames();
         }
         catch (GuacamoleException e) {
-            LOGGER.warn("Exception attempting to read the Guacamole configuration, "
+            LOGGER.error("Failed to retrieve the configuration for case sensitivity: {}. "
-                      + "usernames will be treated as case-sensitive.", e.getMessage());
+                       + "Username comparisons will be case-sensitive.",
-            LOGGER.debug("Received GuacamoleException attempting to retrieve the "
+                       e.getMessage());
-                       + "case-sensitivity setting for usernames. Defaulting to"
+            LOGGER.debug("An exception was caught when attempting to retrieve the "
-                       + "case-sensitive usernames.", e);
+                       + "case sensitivity configuration.", e);
             return true;
         }
     }

guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractIdentifiable.java

@@ -73,8 +73,8 @@ public abstract class AbstractIdentifiable implements Identifiable {
         if (otherIdentifier == null)
             return identifier == null;
 
-        // If either this identifier or the one we're comparing to  is
+        // If either this identifier or the one we're comparing to is
-        // case-sensitive, evaluate with case-sensitivity.
+        // case-sensitive, evaluate with case sensitivity.
         if (isCaseSensitive() || ((AbstractIdentifiable) other).isCaseSensitive())
             return otherIdentifier.equals(identifier);
         

guacamole-ext/src/main/java/org/apache/guacamole/net/auth/AbstractUserGroup.java

@@ -22,8 +22,12 @@ package org.apache.guacamole.net.auth;
 import java.util.Collections;
 import java.util.Map;
 import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.environment.Environment;
+import org.apache.guacamole.environment.LocalEnvironment;
 import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
 import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Base implementation of UserGroup which provides default implementations of
@@ -31,6 +35,17 @@ import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
  */
 public abstract class AbstractUserGroup extends AbstractIdentifiable implements UserGroup {
 
+    /**
+     * The logger for this class.
+     */
+    private static final Logger LOGGER = LoggerFactory.getLogger(AbstractUserGroup.class);
+    
+    /**
+     * The server environment in which this Guacamole Client instance is
+     * running.
+     */
+    private final Environment environment = LocalEnvironment.getInstance();
+    
     /**
      * {@inheritDoc}
      *
@@ -180,4 +195,19 @@ public abstract class AbstractUserGroup extends AbstractIdentifiable implements
         return RelatedObjectSet.EMPTY_SET;
     }
     
+    @Override
+    public boolean isCaseSensitive() {
+        try {
+            return environment.getCaseSensitivity().caseSensitiveGroupNames();
+        }
+        catch (GuacamoleException e) {
+            LOGGER.warn("Unable to retrieve server configuration, group names "
+                      + "will default to case-sensitive.");
+            LOGGER.debug("Received an exception attempting to retrieve the "
+                       + "property for group name case sensitivity, group names"
+                       + "will be treated as case-sensitive.", e);
+            return true;
+        }
+    }
+
 }

guacamole-ext/src/main/java/org/apache/guacamole/properties/CaseSensitivity.java

@@ -0,0 +1,92 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.properties;
+
+import org.apache.guacamole.properties.EnumGuacamoleProperty.PropertyValue;
+
+/**
+ * An enum that supports configuring various user and group case sensitivity
+ * settings.
+ */
+public enum CaseSensitivity {
+    
+    /**
+     * Case sensitivity enabled for both usernames and group names.
+     */
+    @PropertyValue("enabled")
+    ENABLED(true, true),
+    
+    /**
+     * Case sensitivity enabled for usernames but disabled for group names.
+     */
+    @PropertyValue("usernames")
+    USERS(true, false),
+    
+    /**
+     * Case sensitivity disabled for usernames but enabled for group names.
+     */
+    @PropertyValue("group-names")
+    GROUPS(false, true),
+    
+    /**
+     * Case sensitivity disabled for both usernames and group names.
+     */
+    @PropertyValue("disabled")
+    DISABLED(false, false);
+    
+    /**
+     * Whether or not case sensitivity should be enabled for usernames.
+     */
+    private final boolean usernames;
+    
+    /**
+     * Whether or not case sensitivity should be enabled for group names.
+     */
+    private final boolean groupNames;
+    
+    CaseSensitivity(boolean usernames, boolean groupNames) {
+        this.usernames = usernames;
+        this.groupNames = groupNames;
+    }
+    
+    /**
+     * Return "true" if case sensitivity is enabled for usernames, otherwise
+     * "false".
+     * 
+     * @return 
+     *     "true" if case sensitivity is enabled for usernames, otherwise "false".
+     */
+    public boolean caseSensitiveUsernames() {
+        return usernames;
+    }
+    
+    /**
+     * Return "true" if case sensitivity is enabled group names, otherwise
+     * "false".
+     * 
+     * @return 
+     *     "true" if case sensitivity is enabled for group names, otherwise
+     *     "false".
+     */
+    public boolean caseSensitiveGroupNames() {
+        return groupNames;
+    }
+    
+}