單點登陸加驗證碼例子

時間 2020-07-06

標籤單點登陸驗證碼例子简体版

原文原文鏈接

國內私募機構九鼎控股打造APP，來就送 20元現金領取地址： http://jdb.jiudingcapital.com/phone.html
內部邀請碼： C8E245J （不寫邀請碼，沒有現金送）
國內私募機構九鼎控股打造，九鼎投資是在全國股份轉讓系統掛牌的公衆公司，股票代碼爲430719，爲「中國PE第一股」，市值超1000億元。

------------------------------------------------------------------------------------------------------------------------------------------------------------------

在部署cas登陸過程當中,可能會用到驗證碼功能,這裏簡要介紹一下加入驗證碼的過程. css

1. 首先,我用的cas版本是3.4.6,驗證碼採用的是CAPTCHA,所需jar包能夠google搜索,部署好cas後.在web-info目錄下找到login-webflow.xml,打開,找到以下代碼: html

 <view-state id="viewLoginForm" view="casLoginView" model="credentials"> 
    <var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" /> 
    <binder> 
        <binding property="username" /> 
        <binding property="password" /> 
    </binder> 
    <on-entry> 
        <set name="viewScope.commandName" value="'credentials'" /> 
    </on-entry> 
<transition on="submit" bind="true" validate="true" to="realSubmit"> 
        <set name="flowScope.credentials" value="credentials" /> 
        <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" /> 
    </transition> 
 </view-state>

此段代碼的功能是綁定cas登陸過程當中的用戶名和密碼,再次咱們修改以下: java

  <view-state id="viewLoginForm" view="casLoginView" model="credentials"> 
    <var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" /> 
    <binder> 
        <binding property="username" /> 
        <binding property="password" /> 
    </binder> 
    <on-entry> 
        <set name="viewScope.commandName" value="'credentials'" /> 
    </on-entry> 
<transition on="submit" bind="true" validate="true" to="yzmSubmit"> 
        <set name="flowScope.credentials" value="credentials" /> 
        <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" /> 
    </transition> 
  </view-state>

也就是說,只須要修改realSubmit爲yzmSubmit便可.而後加入以下配置: web

<action-state id="yzmSubmit"> 
        <evaluate expression="yzmViaFormAction.submit(flowRequestContext)" /> 
<transition on="success" to="realSubmit" /> 
<transition on="error" to="viewLoginForm" /> 
</action-state>

此段配置是自定義的驗證碼驗證器,用來驗證你提交的驗證碼的正確性. spring

2. 在web-info下找到cas-servlet.xml,打開後,加入 express

<bean id="yzmViaFormAction" class="com.ivan.zhang.servlet.YzmAction" />

3. 編寫以下類: api

package com.ivan.zhang.servlet; 

import com.ivan.zhang.CaptchaServiceSingleton; 
import com.octo.captcha.service.image.ImageCaptchaService; 
import java.io.PrintStream; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpSession; 
import org.jasig.cas.web.support.WebUtils; 
import org.springframework.webflow.core.collection.ParameterMap; 
import org.springframework.webflow.execution.RequestContext; 

public class YzmAction 
{ 
  public final String submit(RequestContext context) 
    throws Exception 
  { 
    Boolean flag = Boolean.valueOf(false); 
    System.out.println("YzmAction is submiting...................."); 
    String yzm = context.getRequestParameters().get("yzm"); 
    String captchaId = WebUtils.getHttpServletRequest(context).getSession().getId(); 
    flag = CaptchaServiceSingleton.getInstance().validateResponseForID(captchaId, 
      yzm); 
    if (flag.booleanValue()) { 
      return "success"; 
    } 
    return "error"; 
  } 
}

其中, flag = CaptchaServiceSingleton.getInstance().validateResponseForID(captchaId, yzm); session

此句話是爲了驗證提交的驗證碼和先前生成的驗證碼的正確性,以此做爲驗證結果跳轉的依據.CaptchaServiceSingleton此類是自定義類,稍後會附加完整的類供下載調試. app

4. 打開web-info/view/jsp/default/ui/casLoginView.jsp,在密碼下面加入dom

<img alt="yzm" src="captcha.jpg"> 
<spring:message code="screen.welcome.label.yzm.accesskey" var="yzmAccessKey" /> 
<form:input cssClass="required" cssErrorClass="error" id="yzm" size="25" tabindex="1" accesskey="${yzmAccessKey}" path="yzm" autocomplete="false" htmlEscape="true" />

5. 最後一步則是註冊驗證碼生成器,打開web.xml文件,加入

<servlet>  
        <servlet-name>jcaptcha</servlet-name>  
        <servlet-class>com.ivan.zhang.servlet.ImageCaptchaServlet</servlet-class>  
        <load-on-startup>0</load-on-startup>  
    </servlet> 
<servlet-mapping>  
        <servlet-name>jcaptcha</servlet-name>  
        <url-pattern>/captcha.jpg</url-pattern>  
</servlet-mapping>

ok,就這麼簡單.簡單解釋一下流程,web.xml中註冊的類是用來調用自定義的驗證碼生成器,以便在顯示登錄界面的時候繪製驗證碼圖片,並在session中生成標誌位並記錄,當用戶提交驗證碼和用戶名密碼時,會先走自定義的驗證碼驗證器(此時會先驗證驗證碼的正確性),若是正確,再走用戶名和密碼的驗證,若是不正確,則直接跳轉回登錄頁面.yzm.jar是自定義的驗證碼生成器和驗證類,直接打包好後放到web-info/lib下.
若有疑問,請留言

文件地址：

http://files.cnblogs.com/AloneSword/alonesword-cas-customize-login-randomcode.zip