驗證碼配置

1.添加驗證碼插件

<!-- google captcha 生成驗證碼 -->
<dependency>
    <groupId>com.github.penggle</groupId>
    <artifactId>kaptcha</artifactId>
    <version>2.3.2</version>
</dependency>

2.配置web.xml

<!-- 配置驗證碼插件servlet類 -->
<servlet>
    <servlet-name>Kaptcha</servlet-name>
    <servlet-class>com.google.code.kaptcha.servlet.KaptchaServlet</servlet-class>
    <!-- 驗證碼邊框 -->
    <init-param>
        <param-name>kaptcha.border</param-name>
        <param-value>no</param-value>
    </init-param>
    <!-- 驗證碼字體顏色 -->
    <init-param>
        <param-name>kaptcha.textproducer.font.color</param-name>
        <param-value>red</param-value>
    </init-param>
    <!-- 驗證碼圖片的長度
    <init-param>
        <param-name>kaptcha.image.width</param-name>
        <param-value>135</param-value>
    </init-param> -->
    <!-- 驗證碼字符串范圍
    <init-param>
        <param-name>kaptcha.textproducer.char.string</param-name>
        <param-value>ACDEFHKPRSTWX345679</param-value>
    </init-param> -->
    <!-- 驗證碼圖片高度
    <init-param>
        <param-name>kaptcha.image.height</param-name>
        <param-value>50</param-value>
    </init-param> -->
    <!-- 驗證碼字體大小
    <init-param>
        <param-name>kaptcha.textproducer.font.size</param-name>
        <param-value>43</param-value>
    </init-param> -->
    <!-- 干擾線 顏色 -->
    <init-param>
        <param-name>kaptcha.noise.color</param-name>
        <param-value>black</param-value>
    </init-param>
    <!-- 驗證碼字符串個數(shù) -->
    <init-param>
        <param-name>kaptcha.textproducer.char.length</param-name>
        <param-value>5</param-value>
    </init-param>
    <!-- 字體樣式
    <init-param>
        <param-name>kaptcha.textproducer.font.names</param-name>
        <param-value>Arial</param-value>
    </init-param>-->
</servlet>
<!-- 獲取驗證碼的URL -->
<servlet-mapping>
    <servlet-name>Kaptcha</servlet-name>
    <url-pattern>/captcha.jpg</url-pattern>
</servlet-mapping>

3.頁面配置

<section class="row">
  <label for="vCode"><spring:message code="screen.welcome.label.vCode" /></label>
  <spring:message code="screen.welcome.label.vCode.accesskey" var="vCodeAccessKey" />
  <form:input cssClass="required" cssErrorClass="error" id="vCode" size="10" tabindex="2" path="vCode"  accesskey="${vCodeAccessKey}" htmlEscape="true" autocomplete="off" />
  <img alt="<spring:message code="required.vCode" />" onclick="changeVerifyCode(this)" width="93" height="32" src="captcha.jpg">
</section>

前面三步配置好后，頁面就可以顯示出驗證碼了。

4.頁面提示語

screen.welcome.label.vCode=\u9A8C\u8BC1\u7801:  
screen.welcome.label.vCode.accesskey=a
screen.welcome.label.authSourceType=\u7528\u6237\u7c7b\u578b:
screen.welcome.label.authSourceType.accesskey=a
required.vCode=\u9a8c\u8bc1\u7801\u4e0d\u80fd\u4e3a\u7a7a\u3002
error.authentication.vCode.bad=\u9a8c\u8bc1\u7801\u6709\u8bef\u3002

接下來配置自定義驗證

1.先創(chuàng)建自定義的接收登錄驗證實體類

public class UsernamePasswordVCodeCredential extends UsernamePasswordCredential {

    @NotNull
    @Size(
            min=1,
            message = "required.vCode"
    )
    private String vCode;


    public String getvCode() {
        return vCode;
    }

    public void setvCode(String vCode) {
        this.vCode = vCode;
    }

}

2.修改login-webflow.xml文件

<var name="credential" class="org.jasig.cas.authentication.UsernamePasswordCredential"/>

替換為

<var name="credential" class="自定義的實體類路徑"/>

修改登錄流程

<view-state id="viewLoginForm" view="casLoginView" model="credential">
    <binder>
        <binding property="username" required="true"/>
        <binding property="password" required="true"/>
        
    </binder>
    <on-entry>
        <set name="viewScope.commandName" value="'credential'"/>

        <!--
        <evaluate expression="samlMetadataUIParserAction" />
        -->
    </on-entry>
    <transition on="submit" bind="true" validate="true" to="realSubmit"/>
</view-state>

修改為：

<view-state id="viewLoginForm" view="casLoginView" model="credential">
    <binder>
        <binding property="username" required="true"/>
        <binding property="password" required="true"/>
        <!--添加驗證碼-->
        <binding property="vCode" required="true"/>
        
    </binder>
    <on-entry>
        <set name="viewScope.commandName" value="'credential'"/>

        <!--
        <evaluate expression="samlMetadataUIParserAction" />
        -->
    </on-entry>
    <!--<transition on="submit" bind="true" validate="true" to="realSubmit"/>-->
    <!-- 修改登錄流程 -->
    <transition on="submit" bind="true" validate="true" to="vCodeValidate"/>
</view-state>

在上面這段代碼的下面添加這段代碼

<!-- 判斷驗證碼是否正確 -->
<action-state id="vCodeValidate">
    <evaluate expression="authenticationViaFormVCodeAction.validatorCode(flowRequestContext, flowScope.credential, messageContext)" />
    <transition on="error" to="initializeLogin" />
    <transition on="success" to="realSubmit" />
</action-state>

同時修改下面代碼：

<action-state id="realSubmit">
  <evaluate
        expression="authenticationViaFormAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
  <transition on="warn" to="warn"/>
  <!--
  To enable AUP workflows, replace the 'success' transition with the following:
  <transition on="success" to="acceptableUsagePolicyCheck" />
  -->
  <transition on="success" to="sendTicketGrantingTicket"/>
  <transition on="successWithWarnings" to="showMessages"/>
  <transition on="authenticationFailure" to="handleAuthenticationFailure"/>
  <transition on="error" to="initializeLogin"/>
</action-state>

修改為

<action-state id="realSubmit">
  <evaluate
        expression="authenticationViaFormVCodeAction.submit(flowRequestContext, flowScope.credential, messageContext)"/>
  <transition on="warn" to="warn"/>
  <!--
  To enable AUP workflows, replace the 'success' transition with the following:
  <transition on="success" to="acceptableUsagePolicyCheck" />
  -->
  <transition on="success" to="sendTicketGrantingTicket"/>
  <transition on="successWithWarnings" to="showMessages"/>
  <transition on="authenticationFailure" to="handleAuthenticationFailure"/>
  <transition on="error" to="initializeLogin"/>
</action-state>

3.添加判斷驗證碼是否正確的action

@Component("authenticationViaFormVCodeAction")
public class AuthenticationViaFormVCodeAction extends AuthenticationViaFormAction{

    //添加自定義驗證方法
    public final String validatorCode(final RequestContext context, final Credential credential, final MessageContext messageContext) throws Exception {
        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
        HttpSession session = request.getSession();

        String o = request.getParameter("useVCode");
        boolean useVCode = o == null ? true : Boolean.valueOf(o);

        if (useVCode) {
            //在session中獲取生成的驗證碼
            String vCode = (String) session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
            session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);

            //獲取前臺輸入的內(nèi)容
            UsernamePasswordVCodeCredential upvc = (UsernamePasswordVCodeCredential) credential;
            String submitVCode = upvc.getvCode();
            MessageBuilder msgBuilder = new MessageBuilder();
            //驗證驗證碼是否正確
            if (!StringUtils.hasText(submitVCode) || !StringUtils.hasText(vCode)) {
                msgBuilder.code("required.vCode");
                messageContext.addMessage(msgBuilder.error().build());
                return "error";
            }
            if (submitVCode.equalsIgnoreCase(vCode)) {
                return "success";
            }
            msgBuilder.code("error.authentication.vCode.bad");
            messageContext.addMessage(msgBuilder.error().build());
            return "error";
        } else {
            return "success";
        }
    }

}

注意：由于cas 2.7.x 很多配置都基于注解，所以在自定義類的過程中如果使用到注解，需要到Spring配置文件中設(shè)置自動掃描，否則無法進行加載。

參考文章：
http://blog.csdn.net/bitree1/article/details/55050545