在jeecms v5中验证码采用的是jcaptcha实现。具体使用如下:
验证码采用请求servlet方式更新实现。
package com.jeecms.common.captcha; import java.awt.image.BufferedImage; import java.io.IOException; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.output.ByteArrayOutputStream; import org.springframework.beans.factory.BeanFactoryUtils; import org.springframework.web.context.WebApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; import com.octo.captcha.service.CaptchaServiceException; import com.octo.captcha.service.image.ImageCaptchaService; /** * 提供验证码图片的Servlet */ @SuppressWarnings("serial") public class JcaptchaServlet extends HttpServlet { public static final String CAPTCHA_IMAGE_FORMAT = "jpeg"; private ImageCaptchaService captchaService; @Override public void init() throws ServletException { WebApplicationContext appCtx = WebApplicationContextUtils .getWebApplicationContext(getServletContext()); captchaService = (ImageCaptchaService) BeanFactoryUtils .beanOfTypeIncludingAncestors(appCtx, ImageCaptchaService.class); } @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { byte[] captchaChallengeAsJpeg = null; // the output stream to render the captcha image as jpeg into ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream(); try { // get the session id that will identify the generated captcha. // the same id must be used to validate the response, the session id // is a good candidate! String captchaId = request.getSession(true).getId(); BufferedImage challenge = captchaService.getImageChallengeForID( captchaId, request.getLocale()); // Jimi.putImage("image/jpeg", challenge, jpegOutputStream); ImageIO.write(challenge, CAPTCHA_IMAGE_FORMAT, jpegOutputStream); } catch (IllegalArgumentException e) { response.sendError(HttpServletResponse.SC_NOT_FOUND); return; } catch (CaptchaServiceException e) { response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return; } // catch (JimiException e) { // response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); // return; // } captchaChallengeAsJpeg = jpegOutputStream.toByteArray(); // flush it in the response response.setHeader("Cache-Control", "no-store"); response.setHeader("Pragma", "no-cache"); response.setDateHeader("Expires", 0); response.setContentType("image/" + CAPTCHA_IMAGE_FORMAT); ServletOutputStream responseOutputStream = response.getOutputStream(); responseOutputStream.write(captchaChallengeAsJpeg); responseOutputStream.flush(); responseOutputStream.close(); } }
captcha-context.xml xml配置如下:
<?xml version="1.0" encoding="UTF-8"?> <beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd" default-lazy-init="true"> <!--kaptcha验证码 <bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha"> <property name="config"> <bean class="com.google.code.kaptcha.util.Config"> <constructor-arg type="java.util.Properties"> <value>kaptcha.border=yes</value> </constructor-arg> </bean> </property> </bean> --> <bean id="captchaService" class="com.octo.captcha.service.multitype.GenericManageableCaptchaService"> <constructor-arg index="0" ref="imageEngine"/> <constructor-arg type="int" index="1" value="180"/> <constructor-arg type="int" index="2" value="100000"/> <constructor-arg type="int" index="3" value="75000"/> </bean> <bean id="imageEngine" class="com.octo.captcha.engine.GenericCaptchaEngine"> <constructor-arg index="0"> <list> <ref bean="captchaFactory"/> </list> </constructor-arg> </bean> <bean id="captchaFactory" class="com.octo.captcha.image.gimpy.GimpyFactory"> <constructor-arg> <ref bean="wordgen"/> </constructor-arg> <constructor-arg> <ref bean="wordtoimage"/> </constructor-arg> </bean> <bean id="wordgen" class= "com.octo.captcha.component.word.wordgenerator.RandomWordGenerator"> <!--可选字符--> <constructor-arg> <value>aabbccddeefgghhkkmnnooppqqsstuuvvwxxyyzz</value> </constructor-arg> </bean> <bean id="wordtoimage" class="com.octo.captcha.component.image.wordtoimage.ComposedWordToImage"> <constructor-arg index="0"> <ref bean="fontGenRandom"/> </constructor-arg> <constructor-arg index="1"> <ref bean="backGenUni"/> </constructor-arg> <constructor-arg index="2"> <ref bean="decoratedPaster"/> </constructor-arg> </bean> <bean id="fontGenRandom" class="com.octo.captcha.component.image.fontgenerator.RandomFontGenerator"> <!--最小字体--> <constructor-arg index="0"> <value>26</value> </constructor-arg> <!--最大字体--> <constructor-arg index="1"> <value>34</value> </constructor-arg> <constructor-arg index="2"> <list> <bean class="java.awt.Font"> <constructor-arg index="0"><value>Arial</value></constructor-arg> <constructor-arg index="1"><value>0</value></constructor-arg> <constructor-arg index="2"><value>32</value></constructor-arg> </bean> </list> </constructor-arg> </bean> <bean id="backGenUni" class="com.octo.captcha.component.image.backgroundgenerator.UniColorBackgroundGenerator"> <!--背景宽度--> <constructor-arg index="0"> <value>110</value> </constructor-arg> <!--背景高度--> <constructor-arg index="1"> <value>50</value> </constructor-arg> </bean> <bean id="decoratedPaster" class="com.octo.captcha.component.image.textpaster.DecoratedRandomTextPaster"> <!--最大字符长度--> <constructor-arg type="java.lang.Integer" index="0"> <value>4</value> </constructor-arg> <!--最小字符长度--> <constructor-arg type="java.lang.Integer" index="1"> <value>4</value> </constructor-arg> <!--文本颜色--> <constructor-arg index="2"> <ref bean="colorGen"/> </constructor-arg> <!--文本混淆--> <constructor-arg index="3"> <list> <!--<ref bean="baffleDecorator"/>--> </list> </constructor-arg> </bean> <bean id="baffleDecorator" class="com.octo.captcha.component.image.textpaster.textdecorator.BaffleTextDecorator"> <constructor-arg type="java.lang.Integer" index="0"><value>1</value></constructor-arg> <constructor-arg type="java.awt.Color" index="1"><ref bean="colorWrite"/></constructor-arg> </bean> <bean id="colorGen" class="com.octo.captcha.component.image.color.SingleColorGenerator"> <constructor-arg type="java.awt.Color" index="0"> <ref bean="colorBlack"/> </constructor-arg> </bean> <bean id="colorWrite" class="java.awt.Color"> <constructor-arg type="int" index="0"> <value>255</value> </constructor-arg> <constructor-arg type="int" index="1"> <value>255</value> </constructor-arg> <constructor-arg type="int" index="2"> <value>255</value> </constructor-arg> </bean> <bean id="colorBlack" class="java.awt.Color"> <constructor-arg type="int" index="0"> <value>50</value> </constructor-arg> <constructor-arg type="int" index="1"> <value>50</value> </constructor-arg> <constructor-arg type="int" index="2"> <value>50</value> </constructor-arg> </bean> </beans>
web.xml配置如下:
<servlet> <servlet-name>Jcaptcha</servlet-name> <servlet-class>com.jeecms.common.captcha.JcaptchaServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>Jcaptcha</servlet-name> <url-pattern>/captcha.svl</url-pattern> </servlet-mapping>
验证过程如下:
com.jeecms.cms.action.admin.CmsLoginAct
@RequestMapping(value = "/login.do", method = RequestMethod.POST) public String submit(String username, String password, String captcha, String message, HttpServletRequest request, HttpServletResponse response, ModelMap model) { Integer errorRemaining = unifiedUserMng.errorRemaining(username); WebErrors errors = validateSubmit(username, password, captcha, errorRemaining, request, response); if (!errors.hasErrors()) { try { String ip = RequestUtils.getIpAddr(request); Authentication auth = authMng.login(username, password, ip, request, response, session); // 是否需要在这里加上登录次数的更新?按正常的方式,应该在process里面处理的,不过这里处理也没大问题。 cmsUserMng.updateLoginInfo(auth.getUid(), ip); CmsUser user = cmsUserMng.findById(auth.getUid()); if (user.getDisabled()) { // 如果已经禁用,则退出登录。 authMng.deleteById(auth.getId()); session.logout(request, response); throw new DisabledException("user disabled"); } cmsLogMng.loginSuccess(request, user, "login.log.loginSuccess"); removeCookieErrorRemaining(request, response); if(user!=null){ //登录成功返回后台首页 return "redirect:index.do"; }else{ return "redirect:login.do"; } } catch (UsernameNotFoundException e) { errors.addErrorString(e.getMessage()); cmsLogMng.loginFailure(request, "login.log.loginFailure", "username=" + username ); } catch (BadCredentialsException e) { errors.addErrorString(e.getMessage()); cmsLogMng.loginFailure(request, "login.log.loginFailure", "username=" + username ); } catch (DisabledException e) { errors.addErrorString(e.getMessage()); cmsLogMng.loginFailure(request, "login.log.loginFailure", "username=" + username ); } } // 登录失败 writeCookieErrorRemaining(errorRemaining, request, response, model); errors.toModel(model); if (!StringUtils.isBlank(message)) { model.addAttribute(MESSAGE, message); } return "login"; }