最近在给 CAS 添加验证码,参考了网上的教程,主要有《【SSO单点系列】(3):CAS4.0 登录页验证码的添加》和《CAS添加验证码功能》。大体上的配置和它们是一样的,不同之处主要在 AuthenticationViaFormAction 类和 login_webflow.xml 的配置,直接在源码中修改并编译。
介绍一下编译环境
1.Tomcat 8.0.20
2.jre1.8.0
3.cas 3.5.2版本
在login_webflow.xml 中
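/**
 * Handles the login form submission: validates the login ticket, verifies the
 * captcha, then either requests a service ticket for a renew request or
 * creates a new ticket-granting ticket.
 *
 * <p>The captcha is verified before either branch that hands {@code credentials}
 * to {@code centralAuthenticationService}. The renew branch passes the submitted
 * credentials to {@code grantServiceTicket}, so checking the captcha only after
 * it would leave a path on which credentials are processed without a solved captcha.
 *
 * @param context the current web flow request context
 * @param credentials the submitted credentials; the captcha answer is read from
 *        it when it is a {@code UsernamePasswordCredentials}
 * @param messageContext receives the error messages produced here
 * @return "success", "warn" or "error", or the id returned by
 *         {@code getAuthenticationExceptionEventId}
 * @throws Exception as declared by the original signature
 */
public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
    // Validate login ticket
    final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
    final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);
    if (!authoritativeLoginTicket.equals(providedLoginTicket)) {
        // NOTE(review): providedLoginTicket is read from the request and is written
        // to the log unmodified; confirm the log layout neutralises line breaks.
        this.logger.warn("Invalid login ticket " + providedLoginTicket);
        final String code = "INVALID_TICKET";
        messageContext.addMessage(
            new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
        return "error";
    }

    // ---- added: captcha verification ----
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpSession session = request.getSession();
    final String captcha = (String) session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
    // Remove the expected answer before comparing so each generated captcha
    // can be tried only once, whatever the outcome.
    session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);

    // Fail closed: credentials of any other type carry no captcha answer and are
    // rejected by the hasText check below instead of raising ClassCastException.
    final String submitcaptcha = (credentials instanceof UsernamePasswordCredentials)
        ? ((UsernamePasswordCredentials) credentials).getCaptcha()
        : null;

    if (!StringUtils.hasText(submitcaptcha) || !StringUtils.hasText(captcha)) {
        messageContext.addMessage(new MessageBuilder().error().code("required.captcha").build());
        return "error";
    }
    if (!submitcaptcha.equals(captcha)) {
        messageContext.addMessage(new MessageBuilder().error().code("error.authentication.captcha.bad").build());
        return "error";
    }
    // ---- end of added captcha verification ----

    final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
    final Service service = WebUtils.getService(context);
    if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
        try {
            final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
            WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
            putWarnCookieIfRequestParameterPresent(context);
            return "warn";
        } catch (final TicketException e) {
            if (isCauseAuthenticationException(e)) {
                populateErrorsInstance(e, messageContext);
                return getAuthenticationExceptionEventId(e);
            }
            // Not an authentication failure: drop the existing ticket-granting
            // ticket and fall through to a fresh login below.
            this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
            if (logger.isDebugEnabled()) {
                logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
            }
        }
    }

    // ---- modified: create the ticket-granting ticket ----
    try {
        WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
        putWarnCookieIfRequestParameterPresent(context);
        return "success";
    } catch (final TicketException e) {
        populateErrorsInstance(e, messageContext);
        if (isCauseAuthenticationException(e)) {
            return getAuthenticationExceptionEventId(e);
        }
        return "error";
    }
}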
AuthenticationViaFormAction 中主要修改了 submit 方法,需要添加对 org.jasig.cas.authentication.principal.UsernamePasswordCredentials 的引用(import)。
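其他的请参考给出的文章。
/**
 * Handles the login form submission: validates the login ticket, verifies the
 * captcha, then either requests a service ticket for a renew request or
 * creates a new ticket-granting ticket.
 *
 * <p>The captcha is verified before either branch that hands {@code credentials}
 * to {@code centralAuthenticationService}. The renew branch passes the submitted
 * credentials to {@code grantServiceTicket}, so checking the captcha only after
 * it would leave a path on which credentials are processed without a solved captcha.
 *
 * @param context the current web flow request context
 * @param credentials the submitted credentials; the captcha answer is read from
 *        it when it is a {@code UsernamePasswordCredentials}
 * @param messageContext receives the error messages produced here
 * @return "success", "warn" or "error", or the id returned by
 *         {@code getAuthenticationExceptionEventId}
 * @throws Exception as declared by the original signature
 */
public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
    // Validate login ticket
    final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
    final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);
    if (!authoritativeLoginTicket.equals(providedLoginTicket)) {
        // NOTE(review): providedLoginTicket is read from the request and is written
        // to the log unmodified; confirm the log layout neutralises line breaks.
        this.logger.warn("Invalid login ticket " + providedLoginTicket);
        final String code = "INVALID_TICKET";
        messageContext.addMessage(
            new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
        return "error";
    }

    // ---- added: captcha verification ----
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpSession session = request.getSession();
    final String captcha = (String) session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
    // Remove the expected answer before comparing so each generated captcha
    // can be tried only once, whatever the outcome.
    session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);

    // Fail closed: credentials of any other type carry no captcha answer and are
    // rejected by the hasText check below instead of raising ClassCastException.
    final String submitcaptcha = (credentials instanceof UsernamePasswordCredentials)
        ? ((UsernamePasswordCredentials) credentials).getCaptcha()
        : null;

    if (!StringUtils.hasText(submitcaptcha) || !StringUtils.hasText(captcha)) {
        messageContext.addMessage(new MessageBuilder().error().code("required.captcha").build());
        return "error";
    }
    if (!submitcaptcha.equals(captcha)) {
        messageContext.addMessage(new MessageBuilder().error().code("error.authentication.captcha.bad").build());
        return "error";
    }
    // ---- end of added captcha verification ----

    final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
    final Service service = WebUtils.getService(context);
    if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {
        try {
            final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
            WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
            putWarnCookieIfRequestParameterPresent(context);
            return "warn";
        } catch (final TicketException e) {
            if (isCauseAuthenticationException(e)) {
                populateErrorsInstance(e, messageContext);
                return getAuthenticationExceptionEventId(e);
            }
            // Not an authentication failure: drop the existing ticket-granting
            // ticket and fall through to a fresh login below.
            this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
            if (logger.isDebugEnabled()) {
                logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
            }
        }
    }

    // ---- modified: create the ticket-granting ticket ----
    try {
        WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
        putWarnCookieIfRequestParameterPresent(context);
        return "success";
    } catch (final TicketException e) {
        populateErrorsInstance(e, messageContext);
        if (isCauseAuthenticationException(e)) {
            return getAuthenticationExceptionEventId(e);
        }
        return "error";
    }
}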