| [转帖]CAS增加登录验证码 | ||
上一篇:[转帖]cas server端的login-webflow详细流程 |
||
| 添加日期:2013/9/13 18:04:38 | 快速返回 返回列表 | 阅读4090次 |
主要看一下,修改CAS的思路,可以改哪些东西~~ ======================================== 本来集成CAS的时候没想增加验证码的问题,这几天发部测试版本的时候,需求人员跑过来说要加个图片验证码的,当时心里确实没底,但是没说不行,然后就开始搜资料,搜了一会也没搜出什么相关的东西,加上google老报错,没办法! 还是得把源码拿出来看了,还好之前集成CAS的时候对它的目录结构和配置相关的东西了解一点,然后花了点时间看了一下login-webflow.xml的配置,大概知道怎么回事了.......... CAS版本:cas-server-3.4.11,cas-client-3.2.1 1、当然是在登录页面(casLoginView.jsp)增加验证码的输入框(这里我命名为:vcode)。 2、增加vcode输入框后,那相应的,在接收表单的java bean里面也要加上vcode属性,CAS接收和验证登录表单的java bean是UsernamePasswordCredentials,这里我是增加了一个自己的UsernamePasswordVCodeCredentials的类,当然这里要继承UsernamePasswordCredentials类; public class UsernamePasswordVCodeCredentials extends UsernamePasswordCredentials { private static final long serialVersionUID = 1L; private String firstname; @NotNull @Size(min=1,message = "required.vcode")/*这里需要到相应的属性文件里面增加描述*/ private String vcode; public String getVcode() { return vcode; } public void setVcode(String vcode) { this.vcode = vcode; } public String getFirstname() { return firstname; } public void setFirstname(String firstname) { this.firstname = firstname; } } 更改login-webflow.xml配置,将 <var name="credentials" class="org.jasig.cas.authentication.principal.UsernamePasswordCredentials" />> 修改为: <var name="credentials" class="net.bean.UsernamePasswordVCodeCredentials" /> 然后需要增加对vcode的校验方法了,这里我也是增加一个类,就叫MyAuthenticationViaFormAction public class MyAuthenticationViaFormAction extends AuthenticationViaFormAction { private final String ERROR="error"; private final String SUCCESS="success"; public final String validatorCode(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception { String vcode=(String)WebUtils.getHttpServletRequest(context).getSession().getAttribute("vcode"); UsernamePasswordVCodeCredentials upv=(UsernamePasswordVCodeCredentials)credentials; if(StringUtils.isBlank(upv.getVcode()) || StringUtils.isBlank(vcode)) return ERROR; if(upv.getVcode().equals(vcode)){ return SUCCESS; } MessageBuilder msgBuilder=new MessageBuilder(); msgBuilder.defaultText("验证码有误!"); messageContext.addMessage(msgBuilder.error().build()); return ERROR; } } 那加了校验类之后,当然配置也得改了,在cas-servlet.xml里面找到 <bean id="authenticationViaFormAction" class="org.jasig.cas.web.flow.AuthenticationViaFormAction" p:centralAuthenticationService-ref="centralAuthenticationService" p:warnCookieGenerator-ref="warnCookieGenerator"/> 改成 <bean id="authenticationViaFormAction" class="net.validator.MyAuthenticationViaFormAction" p:centralAuthenticationService-ref="centralAuthenticationService" p:warnCookieGenerator-ref="warnCookieGenerator" /> 然后在login-webflow.xml里面找到id="viewLoginForm"这个位置,将这个view-state换成; <view-state id="viewLoginForm" view="casLoginView" model="credentials"> <binder> <binding property="username" /> <binding property="password" /> <binding property="vcode" /> </binder> <on-entry> <set name="viewScope.commandName" value="'credentials'" /> </on-entry> <transition on="submit" bind="true" validate="true" to="validatorCode"> <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" /> </transition> </view-state> <action-state id="validatorCode"> <evaluate expression="authenticationViaFormAction.validatorCode(flowRequestContext, flowScope.credentials, messageContext)" /> <transition on="error" to="generateLoginTicket" /> <transition on="success" to="realSubmit" /> </action-state> ........... 到这里就配置完成了(发现spring webflow还挺有意思的............) |
||
| 评论 COMMENTS | |
| 没有评论 No Comments. |
