一、jsp和jar包
<img src="/open/validateImg.html" οnclick="this.src ='/open/validateImg.html?'+Math.random()" title="驗證碼" class="validate_img" />
<!-- 驗證碼 -->
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>2.3.2</version>
</dependency>
二、背景
@Autowired
private Producer captchaProducer;
@RequestMapping(value="validateImg.html")
public ModelAndView getKaptchaImage(HttpServletRequest request, HttpServletResponse response) throws Exception {
HttpSession session = request.getSession();
String code = (String)session.getAttribute(Constants.KAPTCHA_SESSION_KEY);
System.out.println("驗證碼: " + code );
response.setDateHeader("Expires", 0);
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Pragma", "no-cache");
response.setContentType("image/jpeg");
String capText = captchaProducer.createText();
session.setAttribute(Constants.KAPTCHA_SESSION_KEY, capText);
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
ImageIO.write(bi, "jpg", out);
try {
out.flush();
} finally {
out.close();
}
return null;
}
三、配置檔案
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.0.xsd ">
<!--優先級從上往下-->
<security:http use-expressions="true"> <!--use-expressions 預設為true-->
<security:form-login login-page="/open/login.html" login-processing-url="/j_spring_security_check"
username-parameter="username" password-parameter="password"
authentication-success-handler-ref="loginSuccessHandler" authentication-failure-handler-ref="loginFailureHandler"/>
<security:access-denied-handler error-page="/open/accessDeny.html"/>
<security:logout logout-url="/open/loyou.html" invalidate-session="true"
logout-success-url="/open/login.html"/>
<security:intercept-url pattern="/resource/**" access="permitAll"/>
<security:intercept-url pattern="/" access="permitAll"/>
<security:intercept-url pattern="/open/**" access="permitAll"/>
<security:intercept-url pattern="/secure/**" access="fullyAuthenticated"/>
<security:intercept-url pattern="/**" access="denyAll"/>
<security:custom-filter ref="validateCodeFilter" before="FORM_LOGIN_FILTER"/>
</security:http>
<!--登入成功跳轉-->
<bean id="loginSuccessHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/secure/index.html"/>
</bean>
<!--登入失敗跳轉-->
<bean id="loginFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/open/login.html"/>
</bean>
<!--驗證碼-->
<bean id="validateCodeFilter" class="com.test.ipran.common.security.ValidateCodeFilter">
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationSuccessHandler" ref="loginSuccessHandler"/>
<property name="authenticationFailureHandler" ref="loginFailureHandler"/>
<property name="filterProcessesUrl" value="/j_spring_security_check"/>
</bean>
<bean id="captchaProducer" class="com.google.code.kaptcha.impl.DefaultKaptcha">
<property name="config">
<bean class="com.google.code.kaptcha.util.Config">
<constructor-arg>
<props>
<prop key="kaptcha.border">yes</prop>
<prop key="kaptcha.border.color">105,179,90</prop>
<prop key="kaptcha.textproducer.font.color">blue</prop>
<prop key="kaptcha.image.width">125</prop>
<prop key="kaptcha.image.height">45</prop>
<prop key="kaptcha.textproducer.font.size">45</prop>
<prop key="kaptcha.session.key">code</prop>
<prop key="kaptcha.textproducer.char.length">4</prop>
<prop key="kaptcha.textproducer.font.names">宋體,楷體,微軟雅黑</prop>
</props>
</constructor-arg>
</bean>
</property>
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider user-service-ref="ipranUserDetailsService">
<security:password-encoder ref="passwordEncoder"/>
</security:authentication-provider>
</security:authentication-manager>
<bean id="passwordEncoder" class="com.test.ipran.common.security.IpranPasswordEncoder"></bean>
</beans>
kaptcha.border 是否有邊框 預設為true 我們可以自己設定yes,no
kaptcha.border.color 邊框顔色 預設為Color.BLACK
kaptcha.border.thickness 邊框粗細度 預設為1
kaptcha.producer.impl 驗證碼生成器 預設為DefaultKaptcha
kaptcha.textproducer.impl 驗證碼文本生成器 預設為DefaultTextCreator
kaptcha.textproducer.char.string 驗證碼文本字元内容範圍 預設為abcde2345678gfynmnpwx
kaptcha.textproducer.char.length 驗證碼文本字元長度 預設為5
kaptcha.textproducer.font.names 驗證碼文本字型樣式 預設為new Font("Arial", 1, fontSize), new Font("Courier", 1, fontSize)
kaptcha.textproducer.font.size 驗證碼文本字元大小 預設為40
kaptcha.textproducer.font.color 驗證碼文本字元顔色 預設為Color.BLACK
kaptcha.textproducer.char.space 驗證碼文本字元間距 預設為2
kaptcha.noise.impl 驗證碼噪點生成對象 預設為DefaultNoise
kaptcha.noise.color 驗證碼噪點顔色 預設為Color.BLACK
kaptcha.obscurificator.impl 驗證碼樣式引擎 預設為WaterRipple
kaptcha.word.impl 驗證碼文本字元渲染 預設為DefaultWordRenderer
kaptcha.background.impl 驗證碼背景生成器 預設為DefaultBackground
kaptcha.background.clear.from 驗證碼背景顔色漸進 預設為Color.LIGHT_GRAY
kaptcha.background.clear.to 驗證碼背景顔色漸進 預設為Color.WHITE
kaptcha.image.width 驗證碼圖檔寬度 預設為200
kaptcha.image.height 驗證碼圖檔高度 預設為50
![Spring Security hello world example[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)