配置了
过滤器代码如下
public class FormAuthenticationCaptchaFilter extends FormAuthenticationFilter {
public static final String DEFAULT_CAPTCHA_PARAM = "captcha";
private String captchaParam = DEFAULT_CAPTCHA_PARAM;
public String getCaptchaParam() {
return captchaParam;
}
protected String getCaptcha(ServletRequest request) {
return WebUtils.getCleanParam(request, getCaptchaParam());
}
protected AuthenticationToken createToken(
ServletRequest request, ServletResponse response) {
String username = getUsername(request);
String password = getPassword(request);
String captcha = getCaptcha(request);
boolean rememberMe = isRememberMe(request);
return new UsernamePasswordCaptchaToken(username,
password, rememberMe, captcha);
}
// 验证码校验
protected void doCaptchaValidate( HttpServletRequest request
,UsernamePasswordCaptchaToken token ){
String captcha = (String) SecurityUtils.getSubject().getSession()
.getAttribute(CaptchaServlet.KEY_CAPTCHA);
if( captcha!=null &&
!captcha.equalsIgnoreCase(token.getCaptcha()) ){
throw new CaptchaException ("验证码错误!");
}
}
// 认证
protected boolean executeLogin(ServletRequest request,
ServletResponse response) throws Exception {
UsernamePasswordCaptchaToken token = (UsernamePasswordCaptchaToken)createToken(request, response);
try {
doCaptchaValidate( (HttpServletRequest)request,token );
Subject subject = getSubject(request, response);
subject.login(token);
return onLoginSuccess(token, subject, request, response);
} catch (AuthenticationException e) {
return onLoginFailure(token, e, request, response);
}
}
}
但是在访问相应 url的时候再过滤器中debug进不去
