From add34a24dc448c2cbebb80cc5f717f576f8b56a2 Mon Sep 17 00:00:00 2001
From: "rogan.dawes"
Date: Wed, 25 Jul 2007 12:55:18 +0000
Subject: [PATCH] Make the test for the Auth header name case-insensitive

git-svn-id: http://webgoat.googlecode.com/svn/trunk@204 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../org/owasp/webgoat/lessons/BasicAuthentication.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java
index 0963c1df1..700a68910 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BasicAuthentication.java
@@ -100,7 +100,7 @@ public class BasicAuthentication extends SequentialLessonAdapter
 //
 // FIXME: This won;t work for CBT, we need to use the UserTracker
 //Authorization: Basic Z3Vlc3Q6Z3Vlc3Q=
- if (headerName.equals(AUTHORIZATION)
+ if (headerName.equalsIgnoreCase(AUTHORIZATION)
 && (headerValue.equals("guest:guest") || headerValue
 .equals("webgoat:webgoat")))
 {
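Review bot: The changed condition still calls the comparison on `headerName` itself, so if that value can be null at this point (its assignment is outside the hunk) a request that omits it would throw instead of simply failing the check. Putting the constant first, `if (AUTHORIZATION.equalsIgnoreCase(headerName)`, keeps the case-insensitive match and is null-safe; the two `headerValue.equals(...)` calls on the following lines have the same shape and could be flipped the same way. A short comment above the condition, such as `// HTTP header field names are case-insensitive; the credential value is compared exactly`, would record why only the name comparison was relaxed. The enclosing method starts and ends outside the hunk, so whether an earlier guard already rules out null cannot be confirmed from here.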