1.  cas.war 下面的web-inf/web.xml  lib添加  kaptcha.jar

  kaptcha.jar通过maven获取

 <dependency>

    <groupId>com.github.axet</groupId>

    <artifactId>kaptcha</artifactId>

    <version>0.0.9</version>

 </dependency>

这个maven 包含两个 jar 另一个是filters-2.0.235.jar

2. cas.war 下面的web-inf/web.xml添加验证码映射

<servlet>

        <servlet-name>Kaptcha</servlet-name>

        <servlet-class>com.google.code.kaptcha.servlet.KaptchaServlet</servlet-class>

        <init-param>

            <param-name>kaptcha.border</param-name>

            <param-value>no</param-value>

        </init-param>

        <init-param>

            <param-name>kaptcha.textproducer.char.space</param-name>

            <param-value>5</param-value>

        </init-param>

        <init-param>

            <param-name>kaptcha.textproducer.char.length</param-name>

            <param-value>5</param-value>

        </init-param>

    </servlet>  

    <servlet-mapping>

        <servlet-name>Kaptcha</servlet-name>

        <url-pattern>/captcha.jpg</url-pattern>

</servlet-mapping>

3. cas中 UsernamePasswordCredentials 类增加验证码属性 authcode

/** The authcode. */

   @NotNull

   @Size(min=1, message = "required.authcode")

   private String authcode;  

public String getAuthcode() {

    return authcode;

}  

public void setAuthcode(String authcode) {

    this.authcode = authcode;

}  

/**

    * @return Returns the password.

    */

   public final String getPassword() {

       return this.password;

   }

并且重写equals和hashCode方法

@Override

   public boolean equals(final Object o) {

       if (this == o) return true;

       if (o == null || getClass() != o.getClass()) return false;  

       UsernamePasswordCredentials that = (UsernamePasswordCredentials) o;  

       if (password != null ? !password.equals(that.password) : that.password != null) return false;

       if (username != null ? !username.equals(that.username) : that.username != null) return false;

       if (authcode != null ? !authcode.equals(that.authcode) : that.authcode != null) return false;

       return true;

   }  

   @Override

   public int hashCode() {

       int result = username != null ? username.hashCode() : 0;

       result = 31 * result + (password != null ? password.hashCode() : 0);

       result = 31 * result + (authcode != null ? authcode.hashCode() : 0);

       return result;

   }

4. AuthenticationViaFormAction 类增加验证方法

public final String validatorCode(final RequestContext context,  final Credentials credentials, final MessageContext messageContext) throws Exception {

        final HttpServletRequest request = WebUtils.getHttpServletRequest(context);

        HttpSession session = request.getSession();

        String authcode = (String)session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);

        session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);  

        UsernamePasswordCredentials upc = (UsernamePasswordCredentials)credentials;

        String submitAuthcode =upc.getAuthcode();

        if(!StringUtils.hasText(submitAuthcode) || !StringUtils.hasText(authcode)){

            populateErrorsInstance(new NullAuthcodeAuthenticationException(),messageContext);

            return "error";

        }

        if(submitAuthcode.equals(authcode)){

            return "success";

        }

        populateErrorsInstance(new BadAuthcodeAuthenticationException(),messageContext);

        return "error";

    }

NullAuthcodeAuthenticationException 、BadAuthcodeAuthenticationException为定义的异常类,取得异常编码

/*

 * Licensed to Jasig under one or more contributor license

 * agreements. See the NOTICE file distributed with this work

 * for additional information regarding copyright ownership.

 * Jasig licenses this file to you under the Apache License,

 * Version 2.0 (the "License"); you may not use this file

 * except in compliance with the License.  You may obtain a

 * copy of the License at the following location:

 *

 *   http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing,

 * software distributed under the License is distributed on an

 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

 * KIND, either express or implied.  See the License for the

 * specific language governing permissions and limitations

 * under the License.

 */

package org.jasig.cas.authentication.handler;  

import org.jasig.cas.ticket.TicketException;  

/**

 * The exception to throw when we know the authcode is null

 *

 * @author Scott Battaglia

 * @version $Revision$ $Date$

 * @since 3.0

 */

public class NullAuthcodeAuthenticationException extends TicketException {  

    /** Serializable ID for unique id. */

    private static final long serialVersionUID = 5501212207531289993L;  

    /** Code description. */

    public static final String CODE = "required.authcode";  

    /**

     * Constructs a TicketCreationException with the default exception code.

     */

    public NullAuthcodeAuthenticationException() {

        super(CODE);

    }  

    /**

     * Constructs a TicketCreationException with the default exception code and

     * the original exception that was thrown.

     *

     * @param throwable the chained exception

     */

    public NullAuthcodeAuthenticationException(final Throwable throwable) {

        super(CODE, throwable);

    }}  
/*

 * Licensed to Jasig under one or more contributor license

 * agreements. See the NOTICE file distributed with this work

 * for additional information regarding copyright ownership.

 * Jasig licenses this file to you under the Apache License,

 * Version 2.0 (the "License"); you may not use this file

 * except in compliance with the License.  You may obtain a

 * copy of the License at the following location:

 *

 *   http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing,

 * software distributed under the License is distributed on an

 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

 * KIND, either express or implied.  See the License for the

 * specific language governing permissions and limitations

 * under the License.

 */

package org.jasig.cas.authentication.handler;  

import org.jasig.cas.ticket.TicketException;  

/**

 * The exception to throw when we know the authcoe is not correct

 *

 * @author Scott Battaglia

 * @version $Revision$ $Date$

 * @since 3.0

 */

public class BadAuthcodeAuthenticationException extends TicketException {  

    /** Serializable ID for unique id. */

    private static final long serialVersionUID = 5501212207531289993L;  

    /** Code description. */

    public static final String CODE = "error.authentication.authcode.bad";  

    /**

     * Constructs a TicketCreationException with the default exception code.

     */

    public BadAuthcodeAuthenticationException() {

        super(CODE);

    }  

    /**

     * Constructs a TicketCreationException with the default exception code and

     * the original exception that was thrown.

     *

     * @param throwable the chained exception

     */

    public BadAuthcodeAuthenticationException(final Throwable throwable) {

        super(CODE, throwable);

    }}

5. login_webflow.xml 修改登录验证流程

<view-state id="viewLoginForm" view="casLoginView" model="credentials">

        <binder>

            <binding property="username" />

            <binding property="password" />

            <binding property="authcode" />

        </binder>

        <on-entry>

            <set name="viewScope.commandName" value="'credentials'" />

        </on-entry>

        <transition on="submit" bind="true" validate="true" to="authcodeValidate">

            <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />

        </transition>

    </view-state>  

    <action-state id="authcodeValidate">

        <evaluate expression="authenticationViaFormAction.validatorCode(flowRequestContext, flowScope.credentials, messageContext)" />

        <transition on="error" to="generateLoginTicket" />

        <transition on="success" to="realSubmit" />

    </action-state>

6. 增加国际化显示信息

messages_zh_CN.properties文件中添加,其他国家语言类似添加

screen.welcome.label.authcode=\u9A8C\u8BC1\u7801:

screen.welcome.label.authcode.accesskey=a

required.authcode=\u5FC5\u987B\u5F55\u5165\u9A8C\u8BC1\u7801\u3002

error.authentication.authcode.bad=\u9A8C\u8BC1\u7801\u8F93\u5165\u6709\u8BEF\u3002

7. 登录页面casLoginView.jsp添加验证码输入框

<div class="row fl-controls-left">

                      <label for="authcode"><spring:message code="screen.welcome.label.authcode" /></label>

                      <spring:message code="screen.welcome.label.authcode.accesskey" var="authcodeAccessKey" />

                        <table>

                        <tr>

                                <td>

                        <form:input cssClass="required" cssErrorClass="error" id="authcode" size="10" tabindex="2" path="authcode"  accesskey="${authcodeAccessKey}" htmlEscape="true" autocomplete="off" />

                        </td>

                                <td align="left" valign="bottom" style="vertical-align: bottom;">

                          <img alt="<spring:message code="required.authcode" />" onclick="this.src='captcha.jpg?'+Math.random()" width="93" height="30" src="captcha.jpg">

                    </td>

                        </tr>

                        </table>

                    </div>

                    <div class="row check">

                        <input id="warn" name="warn" value="true" tabindex="3" accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />" type="checkbox" />

                        <label for="warn"><spring:message code="screen.welcome.label.warn" /></label>

                    </div>

以上操作有些要修改源码,所以还是要把源码下载下来部署到Eclipse上修改比较方便,修改后编译成class文件放入到cas web里面

CAS添加验证码功能的更多相关文章

  1. cas添加验证码

    cas添加验证码,折腾了好久,终于整理好了,很大部分都是借鉴http://binghejinjun.iteye.com/blog/1255293这个的.但是他的有一个很不好的地方就是不能提升验证码错误 ...

  2. dd——留言板再加验证码功能

    1.找到后台-核心-频道模型-自定义表单 2.然后点击增加新的自定义表单 diyid 这个,不管他,默认就好 自定义表单名称 这个的话,比如你要加个留言板还是投诉建议?写上去呗 数据表  这个不要碰, ...

  3. 使用JS来实现验证码功能

    最近想为自己的Django博客添加验证码功能,本来想使用第三方库来实现的,不过考虑到添加第三方库对性能的影响,以及第三方库是否安全可靠的问题,还是用自己的代码来实现吧.反正用JS来实现验证码功能又不是 ...

  4. [phpcms v9]自定义表单添加验证码验证功能

    修改  \phpcms\templates\default\formguide\show.html 中添加验证码显示 <input type="text" id=" ...

  5. cas4.2.4 登添加验证码

    看了很多添加验证码的博文,唯独没有4.24的 重点看第3条,其余的和别人博文大致相同 1.首先在cas工程的web.xml增加验证码功能的支持 <!-- 验证码功能 -->      &l ...

  6. DedeCMS提交自定义表单加入验证码功能

    织梦dedecms网站给自定义表单加dede模板自带验证码的方法. 有时候,我们因为需要给dede网站的自定义表单添加验证码,防止恶意填写表单提交. 我们可以用以下的方法来实现: 首先,我们要找到 / ...

  7. 用PHP实现验证码功能

    目前,不少网站为了防止用户利用机器人自动注册.登录.灌水,都采用了 验证码技术.所谓验证码,就是将一串随机产生的数字或符号,生成一幅图片, 图片里加上一些干扰象素(防止OCR),由用户肉眼识别其中的验 ...

  8. ThinkPhp框架:验证码功能

    Think\Verify类可以支持验证码的生成和验证功能. 为了显示这个验证码功能,第一要有控制器,再就是有方法,然后是显示的页面. 一.最简单的方式生成验证码 (1)我们还是继续在那个控制器编写方法 ...

  9. Angular企业级开发(9)-前后端分离之后添加验证码

    1.背景介绍 团队开发的项目,前端基于Bootstrap+AngularJS,后端Spring MVC以RESTful接口给前端调用.开发和部署都是前后端分离.项目简单部署图如下,因为后台同时采用微服 ...

随机推荐

  1. element-ui表格点击一行展开

    转载:https://www.cnblogs.com/xiaochongchong/p/8127282.html <template> <el-table :data="t ...

  2. 查看网站pv

    PV(page view),即页面浏览量,或点击量:通常是衡量一个网络新闻频道或网站甚至一条网络新闻的主要指标.简单来解释PV,那就是一个访问者在24小时(0点到24点)内到底看了你网站多少个页面.这 ...

  3. MySQL基本命令脚本

    一.基本命令 1.启动服务 说明:以管理员身份运行cmd 格式:net start 服务名称 示例:net start mysql57 2.停止服务 说明:以管理员身份运行cmd 格式:net sto ...

  4. zabbix_agentd 报错

    1 cannot open PID file [/tmp/zabbix_agentd.pid]: [13] Permission denied 权限拒绝 很直观就是权限的问题 我的问题是这样的,这个p ...

  5. thinkphp url生成

    为了配合所使用的URL模式,我们需要能够动态的根据当前的URL设置生成对应的URL地址,为此,ThinkPHP内置提供了U方法,用于URL的动态生成,可以确保项目在移植过程中不受环境的影响. 定义规则 ...

  6. 0927CSP-S模拟测试赛后总结

    84pts rank28 经历了一个阶段的持续低迷,终于回到自己之前的位置了啊. 尽管依旧不是太靠上,但是还是证明了我的努力. 宿舍三人的风水轮流转之谈终究只是戏言和巧合.嘟嘟和Lockey都进第一机 ...

  7. 基于标记的分水岭分割算法/OpenCV中距离变换

    Opencv分水岭算法——watershed自动图像分割用法 OpenCV距离变换distanceTransform应用 图像分割作为图像识别的基础,在图像处理中占有重要地位,通常需要在进行图像分割算 ...

  8. ECMAScript 6中的Set和Map数据结构

    一.Set 基本用法: Set本身是一个构造函数,用来生成Set数据结构.Set函数可以接受一个数组作为参数用来初始化. const arr = new Set([2,2,3,3,4,4,5,8]); ...

  9. 尚学python课程---12、python语言介绍

    尚学python课程---12.python语言介绍 一.总结 一句话总结: 1.操作简单:简便计算:允许通过单个“import”语句后跟一个函数调用来完成复杂的计算.虽慢 2.库丰富:比如人工智能和 ...

  10. linux大神

    http://blog.csdn.net/skykingf/article/category/780616