JCaptcha在apache+tomcat下驗證失效問題

時間 2019-11-08

標籤 jcaptcha apache+tomcat apache tomcat 驗證失效問題欄目 Tomcat 简体版

原文原文鏈接

JCaptcha使用當前SessionId來作當前驗證碼的key,可是在apache+tomcat集羣裏,sessionId是不一樣的,會出現驗證失敗問題,解決方法: java

繼承JCaptcha的SimpleImageCaptchaServlet類apache

1.重寫doGet方法,當獲取驗證碼時,將sessionId放入到session中tomcat

2.重寫validateResponse驗證方法,從session中獲取sessionId,驗證之...session

代碼以下:ide

public class JcaptchaExtendServlet extends SimpleImageCaptchaServlet {

	/**
	 * 
	 */
	private static final long serialVersionUID = 1L;

	@Override
	protected void doGet(HttpServletRequest httpServletRequest,
			HttpServletResponse httpServletResponse) throws ServletException,
			IOException {
		super.doGet(httpServletRequest, httpServletResponse);
		// 將sessionId放入到session中,解決apache+tomcat集羣sessionId不同,驗證問題
		httpServletRequest.getSession().setAttribute(
				SessionKey.CAPTCHA_SESSIONID.key(),
				httpServletRequest.getSession().getId());
	}

	public static boolean validateResponse(HttpServletRequest request,
			String userCaptchaResponse) {
		if (request.getSession(false) == null)
			return false;

		boolean validated = false;
		try {
			validated = service.validateResponseForID(
					(String) request.getSession().getAttribute(
							SessionKey.CAPTCHA_SESSIONID.key()),
					userCaptchaResponse).booleanValue();
		} catch (CaptchaServiceException e) {
			e.printStackTrace();
		}
		return validated;
	}

}

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。