I had the exact opposite problem, so I subclassed the
JDBC realm to get case-insensitive passwords.
However, the generally accepted paradigm is that user IDs should be case-insensitive and passwords should be case-sensitive. Of course the various Unix-like OS's are case-sensitive on both, but the web is supposed to be more OS-independent.
Some of the standard realms may offer case-sensitivity switches as part of their basic config, so check the one you're using. I only did the subclass because I didn't have that option.