Add verification code to CAS

Add verification code to CAS

1. Add kaptcha. jar to the web-inf/web. xml lib under cas. war.

Get kaptcha. jar through maven

 <dependency>    <groupId>com.github.axet</groupId>    <artifactId>kaptcha</artifactId>    <version>0.0.9</version> </dependency>

This maven contains two jar and the other is the filters-2.0.235.jar

 

2. Add Verification Code ing in web-inf/web. xml under cas. war

<servlet>          <servlet-name>Kaptcha</servlet-name>          <servlet-class>com.google.code.kaptcha.servlet.KaptchaServlet</servlet-class>          <init-param>              <param-name>kaptcha.border</param-name>              <param-value>no</param-value>          </init-param>          <init-param>              <param-name>kaptcha.textproducer.char.space</param-name>              <param-value>5</param-value>          </init-param>          <init-param>              <param-name>kaptcha.textproducer.char.length</param-name>              <param-value>5</param-value>          </init-param>      </servlet>            <servlet-mapping>          <servlet-name>Kaptcha</servlet-name>          <url-pattern>/captcha.jpg</url-pattern>  </servlet-mapping>  

3. added the authcode attribute to the UsernamePasswordCredentials class in cas.

/** The authcode. */     @NotNull     @Size(min=1, message = "required.authcode")     private String authcode;       public String getAuthcode() {      return authcode;  }    public void setAuthcode(String authcode) {      this.authcode = authcode;  }    /**     * @return Returns the password.     */     public final String getPassword() {         return this.password;     }  

And rewrite the equals and hashCode methods.

@Override     public boolean equals(final Object o) {         if (this == o) return true;         if (o == null || getClass() != o.getClass()) return false;           UsernamePasswordCredentials that = (UsernamePasswordCredentials) o;           if (password != null ? !password.equals(that.password) : that.password != null) return false;         if (username != null ? !username.equals(that.username) : that.username != null) return false;         if (authcode != null ? !authcode.equals(that.authcode) : that.authcode != null) return false;         return true;     }       @Override     public int hashCode() {         int result = username != null ? username.hashCode() : 0;         result = 31 * result + (password != null ? password.hashCode() : 0);         result = 31 * result + (authcode != null ? authcode.hashCode() : 0);         return result;     }  

 

4. added the verification method for the AuthenticationViaFormAction class.

public final String validatorCode(final RequestContext context,  final Credentials credentials, final MessageContext messageContext) throws Exception {           final HttpServletRequest request = WebUtils.getHttpServletRequest(context);          HttpSession session = request.getSession();          String authcode = (String)session.getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);          session.removeAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);                    UsernamePasswordCredentials upc = (UsernamePasswordCredentials)credentials;          String submitAuthcode =upc.getAuthcode();          if(!StringUtils.hasText(submitAuthcode) || !StringUtils.hasText(authcode)){              populateErrorsInstance(new NullAuthcodeAuthenticationException(),messageContext);              return "error";            }          if(submitAuthcode.equals(authcode)){                return "success";          }          populateErrorsInstance(new BadAuthcodeAuthenticationException(),messageContext);          return "error";        }  

NullAuthcodeAuthenticationException and BadAuthcodeAuthenticationException are defined as exception classes and get exception encoding.

/*  * Licensed to Jasig under one or more contributor license  * agreements. See the NOTICE file distributed with this work  * for additional information regarding copyright ownership.  * Jasig licenses this file to you under the Apache License,  * Version 2.0 (the "License"); you may not use this file  * except in compliance with the License.  You may obtain a  * copy of the License at the following location:  *  *   http://www.apache.org/licenses/LICENSE-2.0  *  * Unless required by applicable law or agreed to in writing,  * software distributed under the License is distributed on an  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY  * KIND, either express or implied.  See the License for the  * specific language governing permissions and limitations  * under the License.  */  package org.jasig.cas.authentication.handler;    import org.jasig.cas.ticket.TicketException;    /**  * The exception to throw when we know the authcode is null  *   * @author Scott Battaglia  * @version $Revision$ $Date$  * @since 3.0  */  public class NullAuthcodeAuthenticationException extends TicketException {            /** Serializable ID for unique id. */      private static final long serialVersionUID = 5501212207531289993L;        /** Code description. */      public static final String CODE = "required.authcode";        /**      * Constructs a TicketCreationException with the default exception code.      */      public NullAuthcodeAuthenticationException() {          super(CODE);      }        /**      * Constructs a TicketCreationException with the default exception code and      * the original exception that was thrown.      *       * @param throwable the chained exception      */      public NullAuthcodeAuthenticationException(final Throwable throwable) {          super(CODE, throwable);      }}  

/*  * Licensed to Jasig under one or more contributor license  * agreements. See the NOTICE file distributed with this work  * for additional information regarding copyright ownership.  * Jasig licenses this file to you under the Apache License,  * Version 2.0 (the "License"); you may not use this file  * except in compliance with the License.  You may obtain a  * copy of the License at the following location:  *  *   http://www.apache.org/licenses/LICENSE-2.0  *  * Unless required by applicable law or agreed to in writing,  * software distributed under the License is distributed on an  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY  * KIND, either express or implied.  See the License for the  * specific language governing permissions and limitations  * under the License.  */  package org.jasig.cas.authentication.handler;    import org.jasig.cas.ticket.TicketException;    /**  * The exception to throw when we know the authcoe is not correct  *   * @author Scott Battaglia  * @version $Revision$ $Date$  * @since 3.0  */  public class BadAuthcodeAuthenticationException extends TicketException {            /** Serializable ID for unique id. */      private static final long serialVersionUID = 5501212207531289993L;        /** Code description. */      public static final String CODE = "error.authentication.authcode.bad";        /**      * Constructs a TicketCreationException with the default exception code.      */      public BadAuthcodeAuthenticationException() {          super(CODE);      }        /**      * Constructs a TicketCreationException with the default exception code and      * the original exception that was thrown.      *       * @param throwable the chained exception      */      public BadAuthcodeAuthenticationException(final Throwable throwable) {          super(CODE, throwable);      }}  

5. login_webflow.xml modify the login verification process

<view-state id="viewLoginForm" view="casLoginView" model="credentials">          <binder>              <binding property="username" />              <binding property="password" />              <binding property="authcode" />          </binder>          <on-entry>              <set name="viewScope.commandName" value="'credentials'" />          </on-entry>          <transition on="submit" bind="true" validate="true" to="authcodeValidate">              <evaluate expression="authenticationViaFormAction.doBind(flowRequestContext, flowScope.credentials)" />          </transition>      </view-state>        <action-state id="authcodeValidate">            <evaluate expression="authenticationViaFormAction.validatorCode(flowRequestContext, flowScope.credentials, messageContext)" />            <transition on="error" to="generateLoginTicket" />            <transition on="success" to="realSubmit" />        </action-state> 

6. Add International display information

InMessages_zh_CN.propertiesFile, similar to adding languages in other countries

screen.welcome.label.authcode=\u9A8C\u8BC1\u7801:  screen.welcome.label.authcode.accesskey=a  required.authcode=\u5FC5\u987B\u5F55\u5165\u9A8C\u8BC1\u7801\u3002  error.authentication.authcode.bad=\u9A8C\u8BC1\u7801\u8F93\u5165\u6709\u8BEF\u3002  

7. Enter the verification code in casLoginView. jsp on the logon page.

<div class="row fl-controls-left">                        <label for="authcode"><spring:message code="screen.welcome.label.authcode" /></label>                        <spring:message code="screen.welcome.label.authcode.accesskey" var="authcodeAccessKey" />                          <table>                          <tr>                                  <td>                          <form:input cssClass="required" cssErrorClass="error" id="authcode" size="10" tabindex="2" path="authcode"  accesskey="${authcodeAccessKey}" htmlEscape="true" autocomplete="off" />                          </td>                                  <td align="left" valign="bottom" style="vertical-align: bottom;">                                                  </td>                          </tr>                          </table>                      </div>                      <div class="row check">                          <input id="warn" name="warn" value="true" tabindex="3" accesskey="<spring:message code="screen.welcome.label.warn.accesskey" />" type="checkbox" />                          <label for="warn"><spring:message code="screen.welcome.label.warn" /></label>                      </div> 

Some of the above operations need to modify the source code, so it is easier to download the source code and deploy it to Eclipse. After modification, compile it into the class file and put it into the cas web.

 

I would like to ask, how does the cas surface work? Then we need to verify the model. Is the model based on the cas plane?

Cas interviews are used to discuss the shape. There are usually several editions. Because it is not the besell surface, it is very fast to do. Both alias and catia can be completed. Cas data can be handed over to the vehicle body department to start planning the structure, or collision security can be considered based on the cas plane. In short, the structure can be involved (after the cas plane is frozen ). The main role of cas is to milling the oil mud. After the oil mud is processed, the point cloud is scanned. The point cloud is the data of Area A, not based on cas.

Questions about cas Single Sign-on extended login verification

Write the where clause in the SQL statement configured in spring .....