8 жил өмнө · 0c6cd246dd
--- a/gkaqv2/trunk/modules/web/src/main/java/com/xt/js/gkaq/common/GlobalData.java
+++ b/gkaqv2/trunk/modules/web/src/main/java/com/xt/js/gkaq/common/GlobalData.java
@@ -1,13 +1,9 @@
 
				 package com.xt.js.gkaq.common;

			
 
				 

			
 
				-

			
 
				-

			
 
				 /**

			
 
				  * 全局信息设置

			
 
				  */

			
 
				 public class GlobalData {

			
 
				-	

			
 
				-	/** session中保存验证码 */

			
 
				-	public static final String USER_SESSION_CHECK_CODE = "USER_SESSION_CHECK_CODE";

			
 
				+

			
 
				 

			
 
				 }

			
--- a/gkaqv2/trunk/modules/web/src/main/java/com/xt/js/gkaq/web/ctl/auth/AuthenticateController.java
+++ b/gkaqv2/trunk/modules/web/src/main/java/com/xt/js/gkaq/web/ctl/auth/AuthenticateController.java
@@ -13,6 +13,7 @@ import javax.imageio.ImageIO;
 
				 import javax.servlet.http.HttpServletRequest;

			
 
				 import javax.servlet.http.HttpServletResponse;

			
 
				 

			
 
				+import org.apache.shiro.SecurityUtils;

			
 
				 import org.springframework.stereotype.Controller;

			
 
				 import org.springframework.util.FileCopyUtils;

			
 
				 import org.springframework.web.bind.annotation.RequestMapping;

			
@@ -21,7 +22,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 
				 import org.springframework.web.bind.annotation.ResponseBody;

			
 
				 

			
 
				 import com.xt.js.gkaq.common.BaseCtl;

			
 
				-import com.xt.js.gkaq.common.GlobalData;

			
 
				+import com.xt.js.gkaq.frame.system.CaptchaValidateFilter;

			
 
				 

			
 
				 /**

			
 
				  * 控制器

			
@@ -38,8 +39,7 @@ public class AuthenticateController extends BaseCtl {
 
				 

			
 
				     @RequestMapping(value = "checkcode")

			
 
				     @ResponseBody

			
 
				-    public void checkcode(@RequestParam(value = "checkcode", required = false) String checkcode,

			
 
				-            HttpServletResponse response, HttpServletRequest request) {

			
 
				+    public void checkcode(HttpServletResponse response, HttpServletRequest request) {

			
 
				         try {

			
 
				             response.reset();

			
 
				             // 响应类型,即MIME类型

			
@@ -70,18 +70,18 @@ public class AuthenticateController extends BaseCtl {
 
				                 // + ")");

			
 
				             }

			
 
				             // 生成随机字符

			
 
				-            String sRand = "";

			
 
				+            String captcha = "";

			
 
				             for (int i = 0; i < 4; i++) {

			
 
				                 String rand = String.valueOf(random.nextInt(10));

			
 
				-                sRand += rand;

			
 
				+                captcha += rand;

			
 
				             }

			
 
				-            for (int i = 0; i < sRand.length(); i++) {

			
 
				-                String rand = sRand.substring(i, i + 1);

			
 
				+            for (int i = 0; i < captcha.length(); i++) {

			
 
				+                String rand = captcha.substring(i, i + 1);

			
 
				                 g.setColor(new Color(20 + random.nextInt(110), 20 + random.nextInt(110), 20 + random.nextInt(110)));

			
 
				                 g.drawString(rand, 13 * i + 6, 16);

			
 
				             }

			
 
				             // 将随机验证码放入session

			
 
				-            request.getSession().setAttribute(GlobalData.USER_SESSION_CHECK_CODE, checkcode);

			
 
				+            SecurityUtils.getSubject().getSession().setAttribute(CaptchaValidateFilter.SESSION_CAPTCHA_PARAM, captcha);

			
 
				             // 关闭画笔

			
 
				             g.dispose();

			
 
				             // 写出

			
--- a/gkaqv2/trunk/modules/web/src/main/resources/spring/spring-shiro.xml
+++ b/gkaqv2/trunk/modules/web/src/main/resources/spring/spring-shiro.xml
@@ -33,6 +33,11 @@
 
				 		<property name="hashAlgorithmName" value="SHA-256" />
			
 
				 	</bean>
			
 
				 	<bean id="gkaqFormAuthenticationFilter" class="com.xt.js.gkaq.frame.system.GkaqFormAuthenticationFilter"></bean>
			
 
				+	<bean id="captchaValidateFilter"   class="com.xt.js.gkaq.frame.system.CaptchaValidateFilter">  
			
 
				+	    <property name="captchaEbabled" value="true"/>  
			
 
				+	    <property name="captchaParam" value="captcha"/>  
			
 
				+	    <property name="failureKeyAttribute" value="shiroLoginFailure"/>  
			
 
				+	</bean>  
			
 
				 	<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
			
 
				 		<property name="securityManager" ref="securityManager" />
			
 
				 		<property name="loginUrl" value="/login" />
			
@@ -40,11 +45,13 @@
 
				 		<property name="filters">
			
 
				 			<map>
			
 
				 				<entry key="authc" value-ref="gkaqFormAuthenticationFilter" />
			
 
				+				<entry key="captchaValidate" value-ref="captchaValidateFilter"/>  
			
 
				 			</map>
			
 
				 		</property>
			
 
				 		<property name="filterChainDefinitions">
			
 
				 			<value>
			
 
				 				/favicon.ico = anon
			
 
				+				/login = captchaValidate,authc  
			
 
				 				/logout = logout
			
 
				 				/authCtl/** = anon
			
 
				 				/static/** = anon
			
--- a/gkaqv2/trunk/modules/web/src/main/webapp/WEB-INF/view/sys/login.jsp
+++ b/gkaqv2/trunk/modules/web/src/main/webapp/WEB-INF/view/sys/login.jsp
@@ -54,7 +54,7 @@
 
				 				<tr class="trlogin">

			
 
				 					<td class="tdname">ÑéÖ¤Âë £º</td>

			
 
				 					<td class="tdtxt">

			
 
				-						<input type="text" id="yzm" name="yzm"

			
 
				+						<input type="text" id="captcha" name="captcha" autocomplete="off"

			
 
				 							class="login_yzm" value="">

			
 
				 						<img src="<%=base%>/authCtl/checkcode" class="imgyzm"/>

			
 
				 					</td>