您的位置:首页 > 其它

[SSO单点登录]CAS 配置验证码

2015-03-26 19:45 465 查看
最近在添加cas验证码,参考了一下网上的教程,主要的有【SSO单点系列】(3):CAS4.0 登录页验证码的添加CAS添加验证码功能,大体上的配置和他们的是一样的,主要在AuthenticationViaFormAction
类和login_webflow.xml 的配置的不一样,编译在源码中进行。

介绍一下编译环境

1.Tomcat 8.0.20

2.jre1.8.0

3.cas 3.5.2版本

在login_webflow.xml


public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
// Validate login ticket
final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);
if (!authoritativeLoginTicket.equals(providedLoginTicket)) {
this.logger.warn("Invalid login ticket " + providedLoginTicket);
final String code = "INVALID_TICKET";
messageContext.addMessage(
new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
return "error";
}

final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
final Service service = WebUtils.getService(context);
if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {

try {
final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
putWarnCookieIfRequestParameterPresent(context);
return "warn";
} catch (final TicketException e) {
if (isCauseAuthenticationException(e)) {
populateErrorsInstance(e, messageContext);
return getAuthenticationExceptionEventId(e);
}

this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
if (logger.isDebugEnabled()) {
logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
}
}
}
<!--增加开始-->
final HttpServletRequest request=WebUtils.getHttpServletRequest(context);
HttpSession session=request.getSession();
String captcha=(String)session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
UsernamePasswordCredentials upc=(UsernamePasswordCredentials)credentials;
String submitcaptcha=upc.getCaptcha();
if(!StringUtils.hasText(submitcaptcha)||!StringUtils.hasText(captcha))
{
messageContext.addMessage(new MessageBuilder().error().code("required.captcha").build());
return "error";
}
if(!submitcaptcha.equals(captcha))
{
messageContext.addMessage(new MessageBuilder().error().code("error.authentication.captcha.bad").build());
return "error";
}
<!--修改开始-->
try {
WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
putWarnCookieIfRequestParameterPresent(context);
return "success";
} catch (final TicketException e) {
populateErrorsInstance(e, messageContext);
if (isCauseAuthenticationException(e))
return getAuthenticationExceptionEventId(e);
return "error";
}
}


AuthenticationViaFormAction 中的配置主要把submit修改了,需要添加引用org.jasig.cas.authentication.principal.UsernamePasswordCredentials

public final String submit(final RequestContext context, final Credentials credentials, final MessageContext messageContext) throws Exception {
// Validate login ticket
final String authoritativeLoginTicket = WebUtils.getLoginTicketFromFlowScope(context);
final String providedLoginTicket = WebUtils.getLoginTicketFromRequest(context);
if (!authoritativeLoginTicket.equals(providedLoginTicket)) {
this.logger.warn("Invalid login ticket " + providedLoginTicket);
final String code = "INVALID_TICKET";
messageContext.addMessage(
new MessageBuilder().error().code(code).arg(providedLoginTicket).defaultText(code).build());
return "error";
}

final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
final Service service = WebUtils.getService(context);
if (StringUtils.hasText(context.getRequestParameters().get("renew")) && ticketGrantingTicketId != null && service != null) {

try {
final String serviceTicketId = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, credentials);
WebUtils.putServiceTicketInRequestScope(context, serviceTicketId);
putWarnCookieIfRequestParameterPresent(context);
return "warn";
} catch (final TicketException e) {
if (isCauseAuthenticationException(e)) {
populateErrorsInstance(e, messageContext);
return getAuthenticationExceptionEventId(e);
}

this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicketId);
if (logger.isDebugEnabled()) {
logger.debug("Attempted to generate a ServiceTicket using renew=true with different credentials", e);
}
}
}
<!--增加开始-->
final HttpServletRequest request=WebUtils.getHttpServletRequest(context);
HttpSession session=request.getSession();
String captcha=(String)session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
UsernamePasswordCredentials upc=(UsernamePasswordCredentials)credentials;
String submitcaptcha=upc.getCaptcha();
if(!StringUtils.hasText(submitcaptcha)||!StringUtils.hasText(captcha))
{
messageContext.addMessage(new MessageBuilder().error().code("required.captcha").build());
return "error";
}
if(!submitcaptcha.equals(captcha))
{
messageContext.addMessage(new MessageBuilder().error().code("error.authentication.captcha.bad").build());
return "error";
}
<!--修改开始-->
try {
WebUtils.putTicketGrantingTicketInRequestScope(context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
putWarnCookieIfRequestParameterPresent(context);
return "success";
} catch (final TicketException e) {
populateErrorsInstance(e, messageContext);
if (isCauseAuthenticationException(e))
return getAuthenticationExceptionEventId(e);
return "error";
}
}


[/code]
其他的请参考给出的文章。
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航