Spring Security Authentication schema should be case insensitive

Summary

In both BasicAuthenticationFilter and DigestAuthenticationFilter the schema is compared case sensitive.

but

According to rfc7235 authentication schema should be case-insensitive.

Wording is a bit ambiguous but I'm also seeing similar changes to other projects: jboss rails

Actual Behavior

Authentication BASIC or Authentication basic won't work.

Expected Behavior

Authentication BASIC, Authentication Basic, Authentication basic, Authentication BaSiC should all work.

Version

All versions are affected.

I can create a PR if needed.

Comment From: marcorosi

+1

Comment From: achiinto

+1 reproduced at 4.2.1

Comment From: andrei-chirinciuc

+1 reproduced in 4.2.3 too