検索

ホームページ  >  に質問  >  本文

java - spring security实现验证码,在idea中运行一切正常,但是项目生成war部署到外部tomcat出错

验证码的过滤器

public class ValidateCodeUsernamePasswordAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private String defaultFilterProcessesPath;

    public ValidateCodeUsernamePasswordAuthenticationFilter(String defaultFilterProcessesUrl, String failureUrl) {
        super(defaultFilterProcessesUrl);
        this.defaultFilterProcessesPath = defaultFilterProcessesUrl;
        setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(failureUrl));
    }


    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        if ("POST".equalsIgnoreCase(request.getMethod()) && defaultFilterProcessesPath.equalsIgnoreCase(request.getServletPath())) {
            String validateCode = request.getParameter("verifitcaionCode");
            String realVailDateCode = (String) request.getSession().getAttribute(Constants.KAPTCHA_SESSION_CONFIG_KEY);
//            equalsIgnoreCase比较时忽略大小写
            if (realVailDateCode != null && !realVailDateCode.equalsIgnoreCase(validateCode)) {
                unsuccessfulAuthentication(request, response, new InsufficientAuthenticationException("输入的验证码不正确"));
                return;
            }

        }

        chain.doFilter(req, res);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        return null;
    }

}

在DispatcherServlet中注册KaptchaServlet servlet

public class DispatcherServletInitializer extends AbstractAnnotationConfigDispatcherServletInitializer {
    @Override
    public void onStartup(ServletContext servletContext) throws ServletException {
        super.onStartup(servletContext);
        FilterRegistration.Dynamic encodingFilter = servletContext.addFilter("encoding-filter", CharacterEncodingFilter.class);
        encodingFilter.setInitParameter("encoding", "UTF-8");
        encodingFilter.setInitParameter("forceEncoding", "true");
        encodingFilter.setAsyncSupported(true);
        encodingFilter.addMappingForUrlPatterns(null, true, "/*");
        ServletRegistration.Dynamic kaptchaServlet = servletContext.addServlet("kaptcha-servlet", KaptchaServlet.class);
        kaptchaServlet.addMapping("/kaptcha/getKaptchaImage");
        
    }

在spring security的java配置类中使用如下代码:

 @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .csrf().disable()
                .addFilterBefore(new ValidateCodeUsernamePasswordAuthenticationFilter("/login", "/login?error"), UsernamePasswordAuthenticationFilter.class)}

在idea中可以正常运行整个项目,然而将项目打成war包之后,部署到外部的tomcat下,登录页面就找不到了。

高洛峰高洛峰2887日前485

全員に返信(1)返信します

  • PHPz

    PHPz2017-04-18 10:33:45

    ログインページが見つかりませんか?以前にこの問題が発生した人がいるようですが、私は 4 を使用したことがありません...おそらく確認コードとは関係がありません。まずコメントアウトして、もう一度見てください。

    返事
    0
  • キャンセル返事