- 浏览: 258156 次
- 性别:
- 来自: 北京
文章分类
最新评论
-
jeans_1312:
...
JAVA检测字符串编码并转换 -
zenzuguo:
为啥我在eclipse tomcat6.0启动时总报错
Ma ...
appfuse2.0.2在eclipse下的开发和使用 -
josewu2009:
楼主我用你的方法在window机器 上 压缩后 ,解压文件时报 ...
java压缩文件夹下的所有文件和选定文件及乱码解决 -
TonyLian:
我觉得2楼提出的,只不过是看起来更漂亮而已,原写法也不会出现B ...
Ibatis动态查询例子(#和$以及iterate等的用法) -
zhaoshg:
谢谢 lemonweirui 的更正,帮我发现了一个bug,谢 ...
Ibatis动态查询例子(#和$以及iterate等的用法)
1、从jcaptcha官方网站下载jcaptcha的发行包,并将其发行包中的jar文件考贝到本地项目WEB-INF目录下的lib目录中。
官方网址http://jcaptcha.sourceforge.net/
2、在web.xml文件中配置
3、jcaptcha在spring中的配置
·············省略了一些spring安全框架的bean,自己加去吧
4、编写jcaptcha的实体类
实体类包的路径一定要和spring配置文件里的路径一样
(1)CaptchaEngine 类
(2)CaptchaEngineEx 类
(3)ImageCaptchaServlet 类
(4)JCaptchaServiceProxyImpl 类
官方网址http://jcaptcha.sourceforge.net/
2、在web.xml文件中配置
<servlet> <servlet-name>jcaptcha</servlet-name> <servlet-class>cn.hxex.order.core.jcaptcha.ImageCaptchaServlet</servlet-class> <load-on-startup>3</load-on-startup> </servlet> <servlet-mapping> <servlet-name>jcaptcha</servlet-name> <url-pattern>/captcha.jpg</url-pattern> </servlet-mapping>
3、jcaptcha在spring中的配置
<bean id="channelProcessingFilter" class="org.acegisecurity.securechannel.ChannelProcessingFilter"> <property name="channelDecisionManager"> <ref local="channelDecisionManager"/> </property> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /j_security_check=REQUIRES_CAPTCHA_ONCE_ABOVE_THRESOLD_REQUESTS </value> </property> </bean> <bean id="channelDecisionManager" class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl"> <property name="channelProcessors"> <list> <ref local="testOnceAfterMaxRequestsCaptchaChannelProcessor"/> <ref local="alwaysTestAfterTimeInMillisCaptchaChannelProcessor"/> <ref local="alwaysTestAfterMaxRequestsCaptchaChannelProcessor"/> <ref local="alwaysTestBelowAverageTimeInMillisBetweenRequestsChannelProcessor"/> </list> </property> </bean> <!-- REQUIRES_CAPTCHA_ONCE_ABOVE_THRESOLD_REQUESTS --> <bean id="testOnceAfterMaxRequestsCaptchaChannelProcessor" class="org.acegisecurity.captcha.TestOnceAfterMaxRequestsCaptchaChannelProcessor"> <property name="thresold"> <value>0</value> </property> <property name="entryPoint"> <ref bean="captchaEntryPoint"/> </property> </bean> <!-- REQUIRES_CAPTCHA_ABOVE_THRESOLD_REQUESTS --> <bean id="alwaysTestAfterMaxRequestsCaptchaChannelProcessor" class="org.acegisecurity.captcha.AlwaysTestAfterMaxRequestsCaptchaChannelProcessor"> <property name="thresold"> <value>5</value> </property> <property name="entryPoint"> <ref bean="captchaEntryPoint"/> </property> </bean> <!-- REQUIRES_CAPTCHA_AFTER_THRESOLD_IN_MILLIS --> <bean id="alwaysTestAfterTimeInMillisCaptchaChannelProcessor" class="org.acegisecurity.captcha.AlwaysTestAfterTimeInMillisCaptchaChannelProcessor"> <property name="thresold"> <value>5000</value> </property> <property name="entryPoint"> <ref bean="captchaEntryPoint"/> </property> </bean> <!-- REQUIRES_CAPTCHA_BELOW_AVERAGE_TIME_IN_MILLIS_REQUESTS --> <bean id="alwaysTestBelowAverageTimeInMillisBetweenRequestsChannelProcessor" class="org.acegisecurity.captcha.AlwaysTestBelowAverageTimeInMillisBetweenRequestsChannelProcessor"> <property name="thresold"> <value>20000</value> </property> <property name="entryPoint"> <ref bean="captchaEntryPoint"/> </property> </bean> <bean id="captchaEntryPoint" class="org.acegisecurity.captcha.CaptchaEntryPoint"> <!--验证码验证失败后转向的页面!--> <property name="captchaFormUrl"> <value>/admin/login.jsp?login_error=code_error</value> </property> <property name="includeOriginalRequest"> <value>false</value> </property> <property name="includeOriginalParameters"> <value>false</value> </property> </bean> <bean id="captchaValidationProcessingFilter" class="org.acegisecurity.captcha.CaptchaValidationProcessingFilter"> <property name="captchaService"> <ref bean="captchaService"/> </property> <property name="captchaValidationParameter" value="j_captcha_response"/> </bean> <!-- imageCaptchaService is injected into captchaImageCreateController as well as to captchaService beans --> <!--自己定义的实体类(注意路径!!)--> <bean id="captchaService" class="cn.hxex.order.core.jcaptcha.JCaptchaServiceProxyImpl"> <property name="jcaptchaService" ref="imageCaptchaService"/> </bean> <bean id="imageCaptchaService" class="com.octo.captcha.service.image.DefaultManageableImageCaptchaService"> <constructor-arg type="com.octo.captcha.service.captchastore.CaptchaStore" index="0"> <ref bean="fastHashMapCaptchaStore"/> </constructor-arg> <!-- (1) which captcha Engine you use --> <constructor-arg type="com.octo.captcha.engine.CaptchaEngine" index="1"> <ref bean="captchaEngineEx"/> </constructor-arg> <constructor-arg index="2"> <value>180</value> </constructor-arg> <constructor-arg index="3"> <value>100000</value> </constructor-arg> <constructor-arg index="4"> <value>75000</value> </constructor-arg> </bean> <bean id="fastHashMapCaptchaStore" class="com.octo.captcha.service.captchastore.FastHashMapCaptchaStore"/> <!-- (2) you can define more than one captcha engine here --> <bean id="captchaEngineEx" class="cn.hxex.order.core.jcaptcha.engine.CaptchaEngineEx"> </bean> <bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy"> <property name="filterInvocationDefinitionSource"> <value> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON PATTERN_TYPE_APACHE_ANT /**=httpSessionContextIntegrationFilter,captchaValidationProcessingFilter,channelProcessingFilter,authenticationProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor </value> </property> </bean> <bean id="httpSessionContextIntegrationFilter" class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"> <!-- 将下面的property注释掉,验证码将无效!!! --> <property name="context"> <value> org.acegisecurity.captcha.CaptchaSecurityContextImpl </value> </property> </bean>
·············省略了一些spring安全框架的bean,自己加去吧
4、编写jcaptcha的实体类
实体类包的路径一定要和spring配置文件里的路径一样
(1)CaptchaEngine 类
package cn.hxex.order.core.jcaptcha.engine; import java.awt.Color; import com.octo.captcha.component.image.backgroundgenerator.BackgroundGenerator; import com.octo.captcha.component.image.backgroundgenerator .FunkyBackgroundGenerator; import com.octo.captcha.component.image.fontgenerator.FontGenerator; import com.octo.captcha.component.image.fontgenerator .TwistedAndShearedRandomFontGenerator; import com.octo.captcha.component.image.textpaster.RandomTextPaster; import com.octo.captcha.component.image.textpaster.TextPaster; import com.octo.captcha.component.image.wordtoimage.ComposedWordToImage; import com.octo.captcha.component.image.wordtoimage.WordToImage; import com.octo.captcha.component.word.wordgenerator.RandomWordGenerator; import com.octo.captcha.component.word.wordgenerator.WordGenerator; import com.octo.captcha.engine.image.ListImageCaptchaEngine; import com.octo.captcha.image.gimpy.GimpyFactory; /** * SpringSide Custom的认证图片 * * @author cac */ public class CaptchaEngine extends ListImageCaptchaEngine { /** * @see ListImageCaptchaEngine */ protected void buildInitialFactories() { WordGenerator wordGenerator = new RandomWordGenerator("023456789"); // nteger minAcceptedWordLength, Integer maxAcceptedWordLength,Color[] // textColors TextPaster textPaster = new RandomTextPaster(4,5, Color.WHITE); // Integer width, Integer height BackgroundGenerator backgroundGenerator = new FunkyBackgroundGenerator(100,40); // Integer minFontSize, Integer maxFontSize FontGenerator fontGenerator = new TwistedAndShearedRandomFontGenerator(20, 22); WordToImage wordToImage = new ComposedWordToImage(fontGenerator, backgroundGenerator, textPaster); addFactory(new GimpyFactory(wordGenerator, wordToImage)); } }
(2)CaptchaEngineEx 类
package cn.hxex.order.core.jcaptcha.engine; import java.awt.Color; import com.octo.captcha.component.image.backgroundgenerator.BackgroundGenerator; import com.octo.captcha.component.image.backgroundgenerator .GradientBackgroundGenerator; import com.octo.captcha.component.image.color.SingleColorGenerator; import com.octo.captcha.component.image.fontgenerator.FontGenerator; import com.octo.captcha.component.image.fontgenerator.RandomFontGenerator; import com.octo.captcha.component.image.textpaster.DecoratedRandomTextPaster; import com.octo.captcha.component.image.textpaster.TextPaster; import com.octo.captcha.component.image.textpaster.textdecorator .BaffleTextDecorator; import com.octo.captcha.component.image.textpaster.textdecorator .LineTextDecorator; import com.octo.captcha.component.image.textpaster.textdecorator.TextDecorator; import com.octo.captcha.component.image.wordtoimage.ComposedWordToImage; import com.octo.captcha.component.image.wordtoimage.WordToImage; import com.octo.captcha.component.word.wordgenerator.RandomWordGenerator; import com.octo.captcha.component.word.wordgenerator.WordGenerator; import com.octo.captcha.engine.image.ListImageCaptchaEngine; import com.octo.captcha.image.gimpy.GimpyFactory; /** * Captcha增强版本 * * @author david.turing@gmail.com * @modifyTime 21:01:52 * @description * <pre> * 安装 Captcha Instruction <br> * 1.add captchaValidationProcessingFilter * to applicationContext-acegi-security.xml<br> * 2.modify applicationContext-captcha-security.xml * <ul> * <li> make sure that captchaValidationProcessingFilter Call captchaService <li> config CaptchaEngine for captchaService (refer imageCaptchaService) <li> write your own CaptchaEngine <li> config the following, so that We use CaptchaEngineEx to generate the captcha image. </ul> <constructor-arg * type="com.octo.captcha.engine.CaptchaEngine" index="1"> * <ref bean="captchaEngineEx"/gt; </constructor-arg> * </pre> */ public class CaptchaEngineEx extends ListImageCaptchaEngine { /** * ... */ protected void buildInitialFactories() { //Set Captcha Word Length Limitation which should not over 6 Integer minAcceptedWordLength = new Integer(4); Integer maxAcceptedWordLength = new Integer(5); //Set up Captcha Image Size: Height and Width Integer imageHeight = new Integer(40); Integer imageWidth = new Integer(100); //Set Captcha Font Size Integer minFontSize = new Integer(20); Integer maxFontSize = new Integer(22); //We just generate digit for captcha source char Although you can use //abcdefg......xyz WordGenerator wordGenerator = new RandomWordGenerator("023456789"); //cyt and unruledboy proved that backgroup not a factor of Security. A //captcha attacker won't affaid colorful backgroud, so we just use white //color, like google and hotmail. BackgroundGenerator backgroundGenerator = new GradientBackgroundGenerator( imageWidth, imageHeight, Color.white, Color.white); //font is not helpful for security but it really increase difficultness for //attacker FontGenerator fontGenerator = new RandomFontGenerator(minFontSize, maxFontSize); // Note that our captcha color is Blue SingleColorGenerator scg = new SingleColorGenerator(Color.blue); //decorator is very useful pretend captcha attack. we use two line text //decorators. LineTextDecorator lineDecorator = new LineTextDecorator(1, Color.blue); // LineTextDecorator line_decorator2 = new LineTextDecorator(1, Color.blue); TextDecorator[] textdecorators = new TextDecorator[1]; textdecorators[0] = lineDecorator; // textdecorators[1] = line_decorator2; TextPaster textPaster = new DecoratedRandomTextPaster( minAcceptedWordLength, maxAcceptedWordLength, scg, new TextDecorator[] { new BaffleTextDecorator(new Integer(1), Color.white) }); //ok, generate the WordToImage Object for logon service to use. WordToImage wordToImage = new ComposedWordToImage( fontGenerator, backgroundGenerator, textPaster); addFactory(new GimpyFactory(wordGenerator, wordToImage)); } }
(3)ImageCaptchaServlet 类
package cn.hxex.order.core.jcaptcha; import com.octo.captcha.service.CaptchaServiceException; import com.octo.captcha.service.image.ImageCaptchaService; import com.sun.image.codec.jpeg.JPEGCodec; import com.sun.image.codec.jpeg.JPEGImageEncoder; import org.apache.commons.lang.StringUtils; import org.springframework.context.ApplicationContext; import org.springframework.web.context.support.WebApplicationContextUtils; import javax.servlet.ServletConfig; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.awt.image.BufferedImage; import java.io.ByteArrayOutputStream; import java.io.IOException; /** * Servlet generates CAPTCHA jpeg images based on the JCAPTCHA package. It's * configured via spring, and requires a ImageCaptchaService bean with the * id=imageCaptchaService * 基于JCAPTCHA生成CAPTCHA jpeg图片的Servlet。它通过Spring进行配置,并且set一个 * 类型为ImageCaptchaService,id为imageCaptchaService的bean * @author Jason Thrasher */ @SuppressWarnings("serial") public class ImageCaptchaServlet extends HttpServlet { /** * Captcha Service Name */ private String captchaServiceName = "imageCaptchaService"; /** * @see HttpServlet#init(ServletConfig) */ public void init(ServletConfig servletConfig) throws ServletException { if (StringUtils.isNotBlank(servletConfig .getInitParameter("captchaServiceName"))) { captchaServiceName = servletConfig.getInitParameter("captchaServiceName"); } super.init(servletConfig); } /** * @see HttpServlet#doGet() */ protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException { byte[] captchaChallengeAsJpeg = null; // the output stream to render the captcha image as jpeg into ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream(); try { // get the image captcha service defined via the SpringFramework ApplicationContext ctx = WebApplicationContextUtils .getRequiredWebApplicationContext(getServletContext()); Object bean = ctx.getBean(captchaServiceName); ImageCaptchaService imageCaptchaService = (ImageCaptchaService) bean; // get the session id that will identify the generated captcha. // the same id must be used to validate the response, the session id // is a good candidate! String captchaId = httpServletRequest.getSession().getId(); // call the ImageCaptchaService getChallenge method BufferedImage challenge = imageCaptchaService.getImageChallengeForID( captchaId, httpServletRequest.getLocale()); // a jpeg encoder JPEGImageEncoder jpegEncoder = JPEGCodec .createJPEGEncoder(jpegOutputStream); jpegEncoder.encode(challenge); } catch (IllegalArgumentException e) { httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND); return; } catch (CaptchaServiceException e) { httpServletResponse .sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); return; } captchaChallengeAsJpeg = jpegOutputStream.toByteArray(); // flush it in the response httpServletResponse.setHeader("Cache-Control", "no-store"); httpServletResponse.setHeader("Pragma", "no-cache"); httpServletResponse.setDateHeader("Expires", 0); httpServletResponse.setContentType("image/jpeg"); ServletOutputStream responseOutputStream = httpServletResponse .getOutputStream(); responseOutputStream.write(captchaChallengeAsJpeg); responseOutputStream.flush(); responseOutputStream.close(); } }
(4)JCaptchaServiceProxyImpl 类
package cn.hxex.order.core.jcaptcha; import com.octo.captcha.service.CaptchaService; import com.octo.captcha.service.CaptchaServiceException; import org.acegisecurity.captcha.CaptchaServiceProxy; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; /** * 实现 CaptchaServiceProxy 用于acegi来校验,由spring注入jcaptchaService * * @author sshwsfc@gmail.com */ public class JCaptchaServiceProxyImpl implements CaptchaServiceProxy { /** * Log for the class */ protected static Log log = LogFactory.getLog(JCaptchaServiceProxyImpl.class); /** * instance of CaptchaService. */ private CaptchaService jcaptchaService; /** * @see {@link CaptchaServiceProxy#validateReponseForId(String, Object)} */ public boolean validateReponseForId(String id, Object response) { log.debug("validating captcha response"); try { boolean isHuman = jcaptchaService.validateResponseForID(id, response) .booleanValue(); if (isHuman) { log.debug("captcha passed"); } else { log.warn("captcha failed"); } return isHuman; } catch (CaptchaServiceException cse) { // fixes known bug in JCaptcha log.warn("captcha validation failed due to exception", cse); return false; } } public void setJcaptchaService(CaptchaService jcaptchaService) { this.jcaptchaService = jcaptchaService; } }
发表评论
-
log4j 配置详解
2009-10-23 15:48 933log4j.properties 使用 ... -
编程能力的四种境界
2009-07-20 13:32 733人类心理学研究中的一个基础支撑科目就是分析人的潜意识和意识。 ... -
开发人员一定要加入收藏夹的网站
2009-07-10 17:30 866http://www.gotapi.com/ 语言:英语 简 ... -
Vim的常用命令
2009-06-11 10:51 1600Vi是“Visual interface”的简称,它在Linu ... -
IE和Firefox在JavaScript方面的不兼容及统一方法总结
2009-05-30 23:47 1035IE和Firefox(火狐)在JavaScript方面的不兼容 ... -
windows 上右键打开命令行窗口
2009-05-19 11:56 3514总是用到svn和maven命令,每次定位目录太麻烦,想加入个向 ... -
用Sitemesh控制页面布局
2009-05-13 17:16 1191简介: sitemesh应用Decorator模式,用 ... -
Firebug入门指南
2009-05-13 01:10 1583... -
Firebug中你不该错过的几个功能
2009-05-13 01:07 1200Firebug 是Firefox的一个扩展,提供了诸多网页开 ... -
初识Firebug 全文 — firebug的使用
2009-05-13 01:05 1177什么是Firebug 从事了数年的Web开发工作,越来越觉得 ... -
Eclispe安装commons4e插件
2009-05-10 01:59 2379commons4e插件可以帮助你自动生成ToString、eq ... -
离线浏览器Offline Explorer教程
2009-05-01 13:40 9304提及离线浏览软件,我 ...
相关推荐
Spring、SpringMVC和Mybatis是Java开发中最常用的三大开源框架,它们的整合使用,通常被称为SSM框架。这个框架组合提供了完整的后端服务解决方案,包括依赖注入(DI)、面向切面编程(AOP)、模型-视图-控制器(MVC...
人事管理系统,基于Spring+SpringMVC+Mybatis框架,该项目两级权限管理员与普通员工,包含用户管理,部门管理,职位管理,员工管理,公告管理,下载中心等多个模块
本篇文章将详细讲解基于Spring、SpringMVC、MyBatis、SpringSecurity、EhCache和JCaptcha这六大组件构建的Web框架。 1. **Spring**: Spring作为整个框架的核心,提供了依赖注入(DI)和面向切面编程(AOP)等特性...
在Struts2+Spring+MyBatis的架构中,MyBatis负责与数据库交互,通过XML或注解方式配置SQL语句,使得数据库操作更加灵活且易于维护。 **整合过程** 1. **配置Spring**:创建Spring配置文件,定义Bean,包括Action、...
SSM(Spring MVC + Spring + MyBatis)是Java Web开发中常见的三层架构组合,它将Spring MVC作为表现层框架,Spring作为业务层容器,MyBatis作为数据访问层框架。下面将详细介绍这三个组件以及它们如何协同工作。 *...
Spring+SpringMVC+Hibernate 框架集成详解 本文档旨在详细介绍 Spring、SpringMVC 和 Hibernate 框架的集成,旨在帮助开发人员快速了解这三个框架的集成过程。 Spring 框架 Spring 框架是一个 Java 语言的开源...
"myBatis+spring+cxf 框架简单整合(包jar)"的项目中,开发者已经完成了这三者的基础整合工作。MyBatis作为数据访问层,负责与数据库进行交互;Spring作为应用的“胶水”,管理和协调各个组件,包括MyBatis的...
### 安全性 + Jcaptcha (验证码) + MyBatis框架搭建详解 #### 一、项目背景与目标 本文档将详细介绍如何通过...以上就是关于“security+jcaptcha(验证码)+mybatis框架搭建”的详细知识点介绍,希望能对读者有所帮助。
Maven+Spring+Spring MVC+MyBatis+MySQL,搭建SSM框架环境
SSM(spring+spring MVC+mybatis)开发学生信息后台管理系统,实现学生增删改查功能设计一个简单的学生信息管理系统,要求使用SSM框架技术整合实现,用户登录后能够通过Web页面添加、删除、修改和查询学生信息 ...
根据提供的文件信息,本文将详细介绍如何使用 Spring Security 和 JCaptcha 框架来搭建一个包含验证码功能的安全系统。 ### 一、Spring Security简介 Spring Security 是一个强大的且高度可定制的身份验证和访问...
在"通过spring整合jcaptcha来处理验证码"这个主题中,我们需要理解以下几个关键知识点: 1. **jCaptcha介绍**: jCaptcha是一个基于Java的验证码解决方案,它能够生成包括字母、数字、甚至是图片元素在内的复杂...
基于 Extjs + spring + hibernate 的OA框架 基于 Extjs + spring + hibernate 的OA框架 基于 Extjs + spring + hibernate 的OA框架
系统功能:简单的设计了登录、注册以及主页的跳转... 开发环境:jdk7+tomcat7+myeclipse10+mysql5.5; 技术框架:spring + springmvc + mybatic ; 前端技术:html + jsp + javascript + jquery; 下载后需参照开发环境;
Java基于Spring+SpringMVC+MyBatis实现的学生信息管理系统源码,SSM+Vue的学生管理系统。 Java基于Spring+SpringMVC+MyBatis实现的学生信息管理系统源码,SSM+Vue的学生管理系统。 Java基于Spring+SpringMVC+...
基于Struts+Spring+Hibernate框架的网络评比系统.
AJAX实现用户登录注册(Struts+Spring+Hibernate+Ajax框架) AJAX实现用户登录注册(Struts+Spring+Hibernate+Ajax框架) AJAX实现用户登录注册(Struts+Spring+Hibernate+Ajax框架)
Spring MVC、Spring和Mybatis是Java开发中非常流行的三大开源框架,它们的组合,通常被称为“SSM”框架。SSM框架的使用可以极大地提高Web应用的开发效率,通过合理的解耦,使得各组件能够更好地协同工作。接下来,...
这个“struts2+spring+iBatis框架包”集成了这三个框架,使得开发者能够快速构建基于MVC(Model-View-Controller)模式的Web应用。 Struts2作为MVC框架,负责处理应用程序的控制逻辑。它通过Action类和配置文件定义...
Spring4 SpringMVC MyBatis 模板引擎beetl 前端bootstrap 数据源druid 缓存ehcache MyBatis分页插件PageHelper MyBatis通用Mapper 源码完整+带sql脚本+亲测可以用,而且功能很强大,是一个完善的框架实例。