亚洲国产日韩欧美一区二区三区,精品亚洲国产成人av在线,国产99视频精品免视看7,99国产精品久久久久久久成人热,欧美日韩亚洲国产综合乱

驗(yàn)證碼的過濾器

public class ValidateCodeUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private String defaultFilterProcessesPath;

    public ValidateCodeUsernamePasswordAuthenticationFilter(String defaultFilterProcessesUrl, String failureUrl) {
        super(defaultFilterProcessesUrl);
        this.defaultFilterProcessesPath = defaultFilterProcessesUrl;
        setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(failureUrl));
    }


    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        if ("POST".equalsIgnoreCase(request.getMethod()) && defaultFilterProcessesPath.equalsIgnoreCase(request.getServletPath())) {
            String validateCode = request.getParameter("verifitcaionCode");
            String realVailDateCode = (String) request.getSession().getAttribute(Constants.KAPTCHA_SESSION_CONFIG_KEY);
//            equalsIgnoreCase比較時(shí)忽略大小寫
            if (realVailDateCode != null && !realVailDateCode.equalsIgnoreCase(validateCode)) {
                unsuccessfulAuthentication(request, response, new InsufficientAuthenticationException("輸入的驗(yàn)證碼不正確"));
                return;
            }

        }

        chain.doFilter(req, res);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        return null;
    }

}

在DispatcherServlet中注冊KaptchaServlet servlet

public class DispatcherServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
    @Override
    public void onStartup(ServletContext servletContext) throws ServletException {
        super.onStartup(servletContext);
        FilterRegistration.Dynamic encodingFilter = servletContext.addFilter("encoding-filter", CharacterEncodingFilter.class);
        encodingFilter.setInitParameter("encoding", "UTF-8");
        encodingFilter.setInitParameter("forceEncoding", "true");
        encodingFilter.setAsyncSupported(true);
        encodingFilter.addMappingForUrlPatterns(null, true, "/*");
        ServletRegistration.Dynamic kaptchaServlet = servletContext.addServlet("kaptcha-servlet", KaptchaServlet.class);
        kaptchaServlet.addMapping("/kaptcha/getKaptchaImage");
        
    }

在spring security的java配置類中使用如下代碼：

 @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .addFilterBefore(new ValidateCodeUsernamePasswordAuthenticationFilter("/login", "/login?error"), UsernamePasswordAuthenticationFilter.class)}

在idea中可以正常運(yùn)行整個(gè)項(xiàng)目，然而將項(xiàng)目打成war包之后，部署到外部的tomcat下，登錄頁面就找不到了。