天天看点
返回

cas添加验证码

转自:http://www.cnblogs.com/youngjoy/p/3217688.html

cas添加验证码,折腾了好久,终于整理好了,很大部分都是借鉴http://binghejinjun.iteye.com/blog/1255293这个的。但是他的有一个很不好的地方就是不能提升验证码错误!

红色字体的为我添加的,可以提示验证码错误!很简单,感谢。原作者。谢谢。

1.   首先,我用的cas版本是3.4.6,验证码采用的是CAPTCHA,所需jar包可以google搜索,部署好cas后.在web-info目录下找到login-webflow.xml,打开,找到如下代码: 

<view-state id=

"viewLoginForm"

view=

"casLoginView"

model=

"credentials"

>

<var name=

"credentials"

class

=

"org.jasig.cas.authentication.principal.UsernamePasswordCredentials"

/>

<binder>

<binding property=

"username"

/>

<binding property=

"password"

/>

</binder>

<on-entry>

<set name=

"viewScope.commandName"

value=

"'credentials'"

/>

</on-entry>

<transition on=

"submit"

bind=

"true"

validate=

"true"

to=

"realSubmit"

>

<set name=

"flowScope.credentials"

value=

"credentials"

/>

<evaluate expression=

"authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)"

/>

</transition>

</view-state>

  此段代码的功能是绑定cas登录过程中的用户名和密码,再次我们修改如下: 

<view-state id=

"viewLoginForm"

view=

"casLoginView"

model=

"credentials"

>

<var name=

"credentials"

class

=

"org.jasig.cas.authentication.principal.UsernamePasswordCredentials"

/>

<binder>

<binding property=

"username"

/>

<binding property=

"password"

/>

</binder>

<on-entry>

<set name=

"viewScope.commandName"

value=

"'credentials'"

/>

</on-entry>

<transition on=

"submit"

bind=

"true"

validate=

"true"

to=

"yzmSubmit"

>

<set name=

"flowScope.credentials"

value=

"credentials"

/>

<evaluate expression=

"authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)"

/>

</transition>

</view-state>

  也就是说,只需要修改realSubmit为yzmSubmit即可.然后加入如下配置: 

cas添加验证码
<!--fan add start--> 
<action-state id="yzmSubmit"> 
        <evaluate expression="yzmViaFormAction.submit(flowRequestContext,messageContext)" /> 
<transition on="success" to="realSubmit" /> 
<transition on="error" to="viewLoginForm" /> 
</action-state> 
<!--fan add end-->
cas添加验证码

此段配置是自定义的验证码验证器,用来验证你提交的验证码的正确性. 

  2.在web-info下找到cas-servlet.xml,打开后,加入 

<!--fan add start-->

<bean id=

"yzmViaFormAction"

class

=

"com.ivan.zhang.servlet.YzmAction"

/>

  <!--fan add end-->此配置是注册自定义的验证码 

  3.编写如下类: 

package

com.ivan.zhang.servlet;

import

com.ivan.zhang.CaptchaServiceSingleton;

import

com.octo.captcha.service.image.ImageCaptchaService;

import

java.io.PrintStream;

import

javax.servlet.http.HttpServletRequest;

import

javax.servlet.http.HttpSession;

import

org.jasig.cas.web.support.WebUtils;

import

org.springframework.webflow.core.collection.ParameterMap;

import

org.springframework.webflow.execution.RequestContext;

public

class

YzmAction

{

public

final

String submit(RequestContext context)

throws

Exception

{

Boolean flag = Boolean.valueOf(

false

);

System.out.println(

"YzmAction is submiting...................."

);

String yzm = context.getRequestParameters().get(

"yzm"

);

String captchaId = WebUtils.getHttpServletRequest(context).getSession().getId();

flag = CaptchaServiceSingleton.getInstance().validateResponseForID(captchaId,

yzm);

if

(flag.booleanValue()) {

return

"success"

;

} <br>

//<span style="background-color: #ff0000;">我添加的改动。提示验证码错误</span>

MessageBuilder msgBuilder = new MessageBuilder();

msgBuilder.defaultText("验证码错误!");

messageContext.addMessage(msgBuilder.error().build());

return

"error"

;

}

}

  其中,flag = CaptchaServiceSingleton.getInstance().validateResponseForID(captchaId, 

      yzm); 

此句话是为了验证提交的验证码和先前生成的验证码的正确性,以此作为验证结果跳转的依据.CaptchaServiceSingleton此类是自定义类,稍后会附加完整的类供下载调试. 

4.打开web-info/view/jsp/default/ui/casLoginView.jsp,在密码下面加入

<%--fan add start --%>

<img alt=

"yzm"

src=

"captcha.jpg"

>

<spring:message code=

"screen.welcome.label.yzm.accesskey"

var=

"yzmAccessKey"

/>

<form:input cssClass=

"required"

cssErrorClass=

"error"

id=

"yzm"

size=

"25"

tabindex=

"1"

accesskey=

"${yzmAccessKey}"

path=

"yzm"

autocomplete=

"false"

htmlEscape=

"true"

/>

<%--fan add end --%>

  5. 最后一步则是注册验证码生成器,打开web.xml文件,加入 

<servlet> 

<servlet-name>jcaptcha</servlet-name> 

<servlet-

class

>com.ivan.zhang.servlet.ImageCaptchaServlet</servlet-

class

<load-on-startup>

</load-on-startup> 

</servlet>

<servlet-mapping> 

<servlet-name>jcaptcha</servlet-name> 

<url-pattern>/captcha.jpg</url-pattern> 

</servlet-mapping>

  ok,就这么简单.简单解释一下流程,web.xml中注册的类是用来调用自定义的验证码生成器,以便在显示登陆界面的时候绘制验证码图片,并在session中生成标志位并记录,当用户提交验证码和用户名密码时,会先走自定义的验证码验证器(此时会先验证验证码的正确性),如果正确,再走用户名和密码的验证,如果不正确,则直接跳转回登陆页面.yzm.jar是自定义的验证码生成器和验证类,直接打包好后放到web-info/lib下. 

努力生活,珍惜一切,知足最快乐!young joy..

shiro cas
上一篇: Shiro 访问源码之OncePerRequestFilter类的解析
下一篇: make了2小时没好,只能Yum一下了。

继续阅读