验证码配置
1.添加验证码插件
<!-- google captcha 生成验证码 -->
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>2.3.2</version>
</dependency>
2.配置web.xml
<!-- 配置验证码插件servlet类 -->
<servlet>
<servlet-name>Kaptcha</servlet-name>
<servlet-class>com.google.code.kaptcha.servlet.KaptchaServlet</servlet-class>
<!-- 验证码边框 -->
<init-param>
<param-name>kaptcha.border</param-name>
<param-value>no</param-value>
</init-param>
<!-- 验证码字体颜色 -->
<init-param>
<param-name>kaptcha.textproducer.font.color</param-name>
<param-value>red</param-value>
</init-param>
<!-- 验证码图片的长度
<init-param>
<param-name>kaptcha.image.width</param-name>
<param-value>135</param-value>
</init-param> -->
<!-- 验证码字符串范围
<init-param>
<param-name>kaptcha.textproducer.char.string</param-name>
<param-value>ACDEFHKPRSTWX345679</param-value>
</init-param> -->
<!-- 验证码图片高度
<init-param>
<param-name>kaptcha.image.height</param-name>
<param-value>50</param-value>
</init-param> -->
<!-- 验证码字体大小
<init-param>
<param-name>kaptcha.textproducer.font.size</param-name>
<param-value>43</param-value>
</init-param> -->
<!-- 干扰线 颜色 -->
<init-param>
<param-name>kaptcha.noise.color</param-name>
<param-value>black</param-value>
</init-param>
<!-- 验证码字符串个数 -->
<init-param>
<param-name>kaptcha.textproducer.char.length</param-name>
<param-value>5</param-value>
</init-param>
<!-- 字体样式
<init-param>
<param-name>kaptcha.textproducer.font.names</param-name>
<param-value>Arial</param-value>
</init-param>-->
</servlet>
<!-- 获取验证码的URL -->
<servlet-mapping>
<servlet-name>Kaptcha</servlet-name>
<url-pattern>/captcha.jpg</url-pattern>
</servlet-mapping>
3.页面配置
<section class="row">
<label for="vCode"><spring:message code="screen.welcome.label.vCode" /></label>
<spring:message code="screen.welcome.label.vCode.accesskey" var="vCodeAccessKey" />
<form:input cssClass="required" cssErrorClass="error" id="vCode" size="10" tabindex="2" path="vCode" accesskey="${vCodeAccessKey}" htmlEscape="true" autocomplete="off" />
<img alt="<spring:message code="required.vCode" />" onclick="changeVerifyCode(this)" width="93" height="32" src="captcha.jpg">
</section>
前面三步配置好后,页面就可以显示出验证码了。
4.页面提示语
screen.welcome.label.vCode=\u9A8C\u8BC1\u7801:
screen.welcome.label.vCode.accesskey=a
screen.welcome.label.authSourceType=\u7528\u6237\u7c7b\u578b:
screen.welcome.label.authSourceType.accesskey=a
required.vCode=\u9a8c\u8bc1\u7801\u4e0d\u80fd\u4e3a\u7a7a\u3002
error.authentication.vCode.bad=\u9a8c\u8bc1\u7801\u6709\u8bef\u3002
接下来配置自定义验证
1.先创建自定义的接收登录验证实体类
public class UsernamePasswordVCodeCredential extends UsernamePasswordCredential {
@NotNull
@Size(
min=1,
message = "required.vCode"
)
private String vCode;
public String getvCode() {
return vCode;
}
public void setvCode(String vCode) {
this.vCode = vCode;
}
}
2.修改login-webflow.xml文件
<var name="credential" class="org.jasig.cas.authentication.UsernamePasswordCredential"/>
替换为
<var name="credential" class="自定义的实体类路径"/>
修改登录流程
<view-state id="viewLoginForm" view="casLoginView" model="credential">
<binder>
<binding property="username" required="true"/>
<binding property="password" required="true"/>
</binder>
<on-entry>
<set name="viewScope.commandName" value="'credential'"/>
<!--
<evaluate expression="samlMetadataUIParserAction" />
-->
</on-entry>
<transition on="submit" bind="true" validate="true" to="realSubmit"/>
</view-state>
修改为:
<view-state id="viewLoginForm" view="casLoginView" model="credential">
<binder>
<binding property="username" required="true"/>
<binding property="password" required="true"/>
<!--添加验证码-->
<binding property="vCode" required="true"/>
</binder>
<on-entry>
<set name="viewScope.commandName" value="'credential'"/>
<!--
<evaluate expression="samlMetadataUIParserAction" />
-->
</on-entry>
<!--<transition on="submit" bind="true" validate="true" to="realSubmit"/>-->
<!-- 修改登录流程 -->
<transition on="submit" bind="true" validate="true" to="vCodeValidate"/>
</view-state>
在上面这段代码的下面添加这段代码
<!-- 判断验证码是否正确 -->
<action-state id="vCodeValidate">
<evaluate expression="authenticationViaFormVCodeAction.validatorCode(flowRequestContext, flowScope.credential, messageContext)" />
<transition on="error" to="initializeLogin" />
<transition on="success" to="realSubmit" />
</action-state>
同时修改下面代码:
<action-state id="realSubmit">
<evaluate
expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
<transition on="warn" to="warn"/>
<!--
To enable AUP workflows, replace the 'success' transition with the following:
<transition on="success" to="acceptableUsagePolicyCheck" />
-->
<transition on="success" to="sendTicketGrantingTicket"/>
<transition on="successWithWarnings" to="showMessages"/>
<transition on="authenticationFailure" to="handleAuthenticationFailure"/>
<transition on="error" to="initializeLogin"/>
</action-state>
修改为
<action-state id="realSubmit">
<evaluate
expression="authenticationViaFormVCodeAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
<transition on="warn" to="warn"/>
<!--
To enable AUP workflows, replace the 'success' transition with the following:
<transition on="success" to="acceptableUsagePolicyCheck" />
-->
<transition on="success" to="sendTicketGrantingTicket"/>
<transition on="successWithWarnings" to="showMessages"/>
<transition on="authenticationFailure" to="handleAuthenticationFailure"/>
<transition on="error" to="initializeLogin"/>
</action-state>
3.添加判断验证码是否正确的action
@Component("authenticationViaFormVCodeAction")
public class AuthenticationViaFormVCodeAction extends AuthenticationViaFormAction{
//添加自定义验证方法
public final String validatorCode(final RequestContext context, final Credential credential, final MessageContext messageContext) throws Exception {
final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
HttpSession session = request.getSession();
String o = request.getParameter("useVCode");
boolean useVCode = o == null ? true : Boolean.valueOf(o);
if (useVCode) {
//在session中获取生成的验证码
String vCode = (String) session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
//获取前台输入的内容
UsernamePasswordVCodeCredential upvc = (UsernamePasswordVCodeCredential) credential;
String submitVCode = upvc.getvCode();
MessageBuilder msgBuilder = new MessageBuilder();
//验证验证码是否正确
if (!StringUtils.hasText(submitVCode) || !StringUtils.hasText(vCode)) {
msgBuilder.code("required.vCode");
messageContext.addMessage(msgBuilder.error().build());
return "error";
}
if (submitVCode.equalsIgnoreCase(vCode)) {
return "success";
}
msgBuilder.code("error.authentication.vCode.bad");
messageContext.addMessage(msgBuilder.error().build());
return "error";
} else {
return "success";
}
}
}
注意:由于cas 2.7.x 很多配置都基于注解,所以在自定义类的过程中如果使用到注解,需要到Spring配置文件中设置自动扫描,否则无法进行加载。
网友评论