讓你的Spring security2增加驗證碼功能

原創 kms6 2019-02-23 13:16

1.security.xml配置

  1. <!--負責認證處理的filter --> 
  2. <beans:bean id="authenticationProcessingFilter" class="com.XXX.security.filter.KMSAuthenticationProcessingFilter"> 
  3.     <custom-filter before="AUTHENTICATION_PROCESSING_FILTER"/> 
  4.     <beans:property name="authenticationManager" ref="authenticationManager"/> 
  5.     <beans:property name="validateRandom" value="true"/> 
  6. </beans:bean> 

2.authenticationProcessingFilter 

  1. package com.XXX.security.filter; 
  2.  
  3. import org.springframework.security.Authentication; 
  4. import org.springframework.security.AuthenticationException; 
  5. import org.springframework.security.SpringSecurityMessageSource; 
  6. import org.springframework.security.providers.AbstractAuthenticationToken; 
  7. import org.springframework.security.providers.UsernamePasswordAuthenticationToken; 
  8. import org.springframework.security.ui.webapp.AuthenticationProcessingFilter; 
  9. import org.springframework.security.util.TextUtils; 
  10.  
  11. import javax.servlet.http.HttpServletRequest; 
  12. import javax.servlet.http.HttpSession; 
  13.  
  14. /** 
  15.  * @author: [email protected] 
  16.  * @date: 2011-10-20 
  17.  * @time: 16:02:01 
  18.  * @desc: 
  19.  */ 
  20. public class KmsAuthenticationProcessingFilter extends AuthenticationProcessingFilter { 
  21.     public static final String SPRING_SECURITY_FORM_RANDOM_KEY = "j_random"
  22.     public boolean isValidateRandom = true
  23.     public String typeParameter = SPRING_SECURITY_FORM_TYPE_KEY; 
  24.     public String randomParameter = SPRING_SECURITY_FORM_RANDOM_KEY; 
  25.  
  26.     public Authentication attemptAuthentication(HttpServletRequest request) throws AuthenticationException { 
  27.  
            HttpSession session = request.getSession(false); 
  28.         //如果驗證驗證碼 
  29.         if (isValidateRandom) { 
  30.             String requestRandom = request.getParameter(SPRING_SECURITY_FORM_TYPE_KEY); 
  31.             String sessionRandom = (String) session.getAttribute(SPRING_SECURITY_FORM_RANDOM_KEY); 
  32.             validateRandom(requestRandom, sessionRandom); 
  33.         } 
  34.           XXX; 
  35.         return this.getAuthenticationManager().authenticate(authRequest); 
  36.     } 
  37.  
  38.     /** 
  39.      * Provided so that subclasses may configure what is put into the authentication request's details 
  40.      * property. 
  41.      * 
  42.      * @param request     that an authentication request is being created for 
  43.      * @param authRequest the authentication request object that should have its details set 
  44.      */ 
  45.     protected void setDetail(HttpServletRequest request, AbstractAuthenticationToken authRequest) { 
  46.         authRequest.setDetails(authenticationDetailsSource.buildDetails(request)); 
  47.     } 
  48.  
  49.     /** 
  50.      * 驗證驗證碼 
  51.      * 
  52.      * @param requestRandom 
  53.      * @param sessionRandom 
  54.      */ 
  55.     protected void validateRandom(String requestRandom, String sessionRandom) { 
  56.         if (requestRandom == null || sessionRandom == null || requestRandom.trim().equals("") || sessionRandom.trim().equals("")) 
  57.             throw new BadRandomCodeException(messages.getMessage("KmsAuthenticationProcessingFilter.badRandom""Bad Random Code")); 
  58.         if (!requestRandom.toLowerCase().equals(sessionRandom.toLowerCase())) 
  59.             throw new BadRandomCodeException(messages.getMessage("KmsAuthenticationProcessingFilter.badRandom""Bad Random Code")); 
  60.  
  61.     } 
     
  62.     protected String obtainRandom(HttpServletRequest request) { 
  63.         return request.getParameter(randomParameter); 
  64.     } 
  65.  
  66.   
  67.     public void setValidateRandom(boolean validateRandom) { 
  68.         isValidateRandom = validateRandom; 
  69.     } 
  70.  
  71.  
  72.     public void setRandomParameter(String randomParameter) { 
  73.         this.randomParameter = randomParameter; 
  74.     } 
  75.   

3.web.xml 

  1. <servlet>  
  2.        <servlet-name>Kaptcha</servlet-name>  
  3.        <servlet-class>com.google.code.kaptcha.servlet.KaptchaServlet</servlet-class>  
  4.        <init-param>  
  5.            <param-name>kaptcha.border</param-name>  
  6.            <param-value>no</param-value>  
  7.        </init-param>  
  8.        <init-param>  
  9.            <param-name>kaptcha.border.color</param-name>  
  10.            <param-value>red</param-value>  
  11.        </init-param>  
  12.        <init-param>  
  13.            <param-name>kaptcha.border.thickness</param-name>  
  14.            <param-value>4</param-value>  
  15.        </init-param>  
  16.        <init-param>  
  17.            <param-name>kaptcha.p_w_picpath.width</param-name>  
  18.            <param-value>60</param-value>  
  19.        </init-param>  
  20.        <init-param>  
  21.            <param-name>kaptcha.p_w_picpath.height</param-name>  
  22.            <param-value>30</param-value>  
  23.        </init-param>  
  24.        <init-param>  
  25.            <param-name>kaptcha.producer.impl</param-name>  
  26.            <param-value>com.google.code.kaptcha.impl.DefaultKaptcha </param-value>  
  27.        </init-param>  
  28.        <init-param>  
  29.            <param-name>kaptcha.textproducer.impl</param-name>  
  30.            <param-value>com.google.code.kaptcha.text.impl.DefaultTextCreator</param-value>  
  31.        </init-param>  
  32.        <init-param>  
  33.            <param-name>kaptcha.textproducer.char.string</param-name>  
  34.            <param-value>abcde2345678gfynmnpwx </param-value>  
  35.        </init-param>  
  36.        <init-param>  
  37.            <param-name>kaptcha.textproducer.char.length</param-name>  
  38.            <param-value>4</param-value>  
  39.        </init-param>  
  40.        <init-param>  
  41.            <param-name>kaptcha.textproducer.font.names</param-name>  
  42.            <param-value>Arial, Courier</param-value>  
  43.        </init-param>  
  44.        <init-param>  
  45.            <param-name>kaptcha.textproducer.font.size</param-name>  
  46.            <param-value>20</param-value>  
  47.        </init-param>  
  48.        <init-param>  
  49.            <param-name>kaptcha.textproducer.font.color</param-name>  
  50.            <param-value>black</param-value>  
  51.        </init-param>  
  52.        <init-param>  
  53.            <param-name>kaptcha.noise.impl</param-name>  
  54.            <param-value>com.google.code.kaptcha.impl.NoNoise </param-value>  
  55.        </init-param>  
  56.        <init-param>  
  57.            <param-name>kaptcha.noise.color</param-name>  
  58.            <param-value>black</param-value>  
  59.        </init-param>  
  60.        <init-param>  
  61.            <param-name>kaptcha.obscurificator.impl</param-name>  
  62.            <param-value>com.google.code.kaptcha.impl.ShadowGimpy</param-value>  
  63.        </init-param>  
  64.        <init-param>  
  65.            <param-name>kaptcha.background.impl</param-name>  
  66.            <param-value>com.google.code.kaptcha.impl.DefaultBackground</param-value>  
  67.        </init-param>  
  68.        <init-param>  
  69.            <param-name>kaptcha.background.clear.to</param-name>  
  70.            <param-value>white</param-value>  
  71.        </init-param>  
  72.        <init-param>  
  73.            <param-name>kaptcha.word.impl</param-name>  
  74.            <param-value>com.google.code.kaptcha.text.impl.DefaultWordRenderer</param-value>  
  75.        </init-param>  
  76.        <init-param> 
  77.         <!--設置session中 驗證碼的key值 --> 
  78.            <param-name>kaptcha.session.key</param-name>  
  79.            <param-value>KAPTCHA_SESSION_KEY</param-value>  
  80.        </init-param>  
  81.        <init-param> 
  82.         <!--設置session中 驗證碼的value值 -->  
  83.            <param-name>kaptcha.session.date</param-name>  
  84.            <param-value>KAPTCHA_SESSION_DATE</param-value>  
  85.        </init-param>  
  86.    </servlet>  
  87.    <servlet-mapping>  
  88.        <servlet-name>Kaptcha</servlet-name>  
  89.        <url-pattern>/Kaptcha.jpg</url-pattern>  
  90.    </servlet-mapping> 

3.login.html 

  1. <tr> 
  2. <td height="34" align="right">驗證碼:</td> 
  3. <td><input type="text" name="j_random" class="tclss" class="required tyno" minlength="4" /></td>
  4. <td><img id='kaptchaImage' src='Kaptcha.jpg' title="請點擊刷新" alt="請點擊刷新" style="cursor:pointer;"/>
  5. </td>
  6. </tr>

發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.
相關文章

路遇一個“乞討者“

楊木藝 2019-02-24 14:19:35

如果同事暗中傷害你,應該怎麼辦?

這個饅頭有餡 2019-02-24 13:59:08

職場中,抱怨越多的員工,越被領導瞧不起!

這個饅頭有餡 2019-02-24 13:59:08

老程序員被裁,應屆生卻能月薪 1.3 萬?這你能忍?

前端高達 2019-02-24 13:48:04

遇到到處蹭吃卻從不請客吃飯的主怎麼辦?

樑軍年 2019-02-24 13:26:35

Linux基本操作命令

wbzjacky 2019-02-24 13:12:38

高標準機房綜合配線安裝

wbzjacky 2019-02-24 13:12:38

444句英語

wbzjacky 2019-02-24 13:12:37

IPsec ***實驗

wbzjacky 2019-02-24 13:12:37

真實的模擬***綜合實驗

wbzjacky 2019-02-24 13:12:37

網絡系統集成

wbzjacky 2019-02-24 13:12:37

CISCO路由AAA的Easy ***

wbzjacky 2019-02-24 13:12:37

三層交換機的HSRP、vlan、端口聚合

wbzjacky 2019-02-24 13:12:37

CISCO訪問控制列表 企業網絡管理的必殺技

wbzjacky 2019-02-24 13:12:37

HSRP和二層交換機的端口聚合、vlan

wbzjacky 2019-02-24 13:12:37