Spring整合JCaptcha和对于验证的ip白名单

1.首先是先要在pom.xml里面加上Jcaptcha的依赖，或者导入jar包（commons-collections-3.2.1.jar和jcaptcha-1.0-all.jar）

<dependency>  <groupId>com.octo.captcha</groupId>  <artifactId>jcaptcha-all</artifactId>  <version>1.0-RC6</version>  <exclusions>    <exclusion>      <groupId>quartz</groupId>      <artifactId>quartz</artifactId>    </exclusion>    <exclusion>      <groupId>commons-dbcp</groupId>      <artifactId>commons-dbcp</artifactId>    </exclusion>    <exclusion>      <groupId>commons-pool</groupId>      <artifactId>commons-pool</artifactId>      </exclusion>    <exclusion>      <groupId>hsqldb</groupId>      <artifactId>hsqldb</artifactId>    </exclusion>    <exclusion>      <groupId>net.sf.ehcache</groupId>      <artifactId>ehcache</artifactId>    </exclusion>    <exclusion>      <groupId>concurrent</groupId>      <artifactId>concurrent</artifactId>    </exclusion>    <exclusion>      <groupId>org.springframework</groupId>      <artifactId>spring</artifactId>    </exclusion>    <exclusion>      <groupId>xerces</groupId>      <artifactId>xercesImpl</artifactId>    </exclusion>    <exclusion>      <groupId>xerces</groupId>      <artifactId>xmlParserAPIs</artifactId>    </exclusion>  </exclusions></dependency>

2. 引入application-captcha.xml

<?xml version="1.0" encoding="UTF-8" ?><beans xmlns="http://www.springframework.org/schema/beans"       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd"       default-lazy-init="true">    <bean id="captchaService" class="com.octo.captcha.service.multitype.GenericManageableCaptchaService">        <description>验证码服务</description>        <constructor-arg index="0"><ref bean="imageEngine"/></constructor-arg>        <constructor-arg index="1"><value>300</value></constructor-arg><!--超时时间 秒-->        <constructor-arg index="2"><value>20000</value></constructor-arg><!--最大并发数-->        <constructor-arg index="3"><value>20000</value></constructor-arg><!--第四个参数官网示例上没有给出，会报错，后来看了API才知道少了个参数-->    </bean>    <bean id="imageEngine" class="com.octo.captcha.engine.GenericCaptchaEngine">        <description>图片引擎</description>        <constructor-arg index="0">            <list>                <ref bean="CaptchaFactory"/>            </list>        </constructor-arg>    </bean>    <bean id="CaptchaFactory" class="com.octo.captcha.image.gimpy.GimpyFactory" >        <description>验证码工厂</description>        <constructor-arg><ref bean="wordgen"/></constructor-arg>        <constructor-arg><ref bean="wordtoimage"/></constructor-arg>    </bean>    <bean id="wordgen" class= "com.octo.captcha.component.word.wordgenerator.RandomWordGenerator" >        <description>文字产生器，提供了好几种实现，经过比较选用了这种</description>        <constructor-arg index="0"><value>0123456789abcdefghijklmnopqrstuvwxyz</value></constructor-arg>    </bean>    <bean id="wordtoimage" class="com.octo.captcha.component.image.wordtoimage.ComposedWordToImage" >        <description>图片生成器</description>        <constructor-arg index="0"><ref bean="fontGenRandom"/></constructor-arg>        <constructor-arg index="1"><ref bean="backGenUni"/></constructor-arg>        <constructor-arg index="2"><ref bean="simpleWhitePaster"/></constructor-arg>    </bean>    <bean id="fontGenRandom" class="com.octo.captcha.component.image.fontgenerator.RandomFontGenerator" >        <description>文字转换图片</description>        <constructor-arg index="0"><value>20</value></constructor-arg><!--字体最小尺寸-->        <constructor-arg index="1"><value>20</value></constructor-arg><!--字体最大尺寸-->    </bean>    <bean id="backGenUni" class="com.octo.captcha.component.image.backgroundgenerator.GradientBackgroundGenerator" >        <constructor-arg index="0"><value>230</value></constructor-arg><!--背景图片宽度-->        <constructor-arg index="1"><value>60</value></constructor-arg><!--背景图片高度-->        <constructor-arg type="java.awt.Color" index="2">            <ref bean="colorGrey"/>        </constructor-arg>        <constructor-arg type="java.awt.Color" index="3">            <ref bean="colorGreen"/>        </constructor-arg>    </bean>    <bean id="simpleWhitePaster" class="com.octo.captcha.component.image.textpaster.DecoratedRandomTextPaster" >        <constructor-arg type="java.lang.Integer" index="0">            <value>4</value><!--字符最少个数-->        </constructor-arg>        <constructor-arg type="java.lang.Integer" index="1">            <value>6</value><!--字符最多个数-->        </constructor-arg>        <constructor-arg index="2">            <ref bean="colorGen"/>        </constructor-arg>        <!--文本混淆-->        <constructor-arg index="3">            <list>                <ref bean="baffleDecorator"/>            </list>        </constructor-arg>    </bean>    <bean id="baffleDecorator" class="com.octo.captcha.component.image.textpaster.textdecorator.BaffleTextDecorator">        <constructor-arg type="java.lang.Integer" index="0">            <value>2</value>        </constructor-arg>        <constructor-arg type="java.awt.Color" index="1">            <ref bean="colorWrite" />        </constructor-arg>    </bean>    <bean id="colorWrite" class="java.awt.Color">        <constructor-arg type="int" index="0">            <value>255</value>        </constructor-arg>        <constructor-arg type="int" index="1">            <value>255</value>        </constructor-arg>        <constructor-arg type="int" index="2">            <value>255</value>        </constructor-arg>    </bean>    <bean id="colorGrey" class="java.awt.Color" >        <constructor-arg type="int" index="0"><value>200</value></constructor-arg>        <constructor-arg type="int" index="1"><value>255</value></constructor-arg>        <constructor-arg type="int" index="2"><value>200</value></constructor-arg>    </bean>    <bean id="colorGreen" class="java.awt.Color" >        <constructor-arg type="int" index="0"><value>110</value></constructor-arg>        <constructor-arg type="int" index="1"><value>120</value></constructor-arg>        <constructor-arg type="int" index="2"><value>200</value></constructor-arg>    </bean>    <bean id="colorGen" class="com.octo.captcha.component.image.color.SingleColorGenerator">        <constructor-arg type="java.awt.Color" index="0">            <ref bean="colorDimGrey" />        </constructor-arg>    </bean>    <bean id="colorDimGrey" class="java.awt.Color">        <constructor-arg type="int" index="0">            <value>105</value>        </constructor-arg>        <constructor-arg type="int" index="1">            <value>105</value>        </constructor-arg>        <constructor-arg type="int" index="2">            <value>105</value>        </constructor-arg>    </bean></beans>

3. 在applicationContext.xml中引入jcaptcha的配置
<import resource="classpath:applicationContext-captcha.xml"/>


4. 写一个生成图片的类

@Controller@RequestMapping("/captcha")public class JcaptchaImageCreater {    private Logger logger = LoggerFactory.getLogger(getClass());    @Autowired    private ImageCaptchaService imageCaptchaService;    @RequestMapping    public void handleRequest(HttpServletRequest request, HttpServletResponse response) {        try {            ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();            String captchaId = request.getSession().getId();            BufferedImage challenge = imageCaptchaService.getImageChallengeForID(captchaId, request.getLocale());            response.setHeader("Cache-Control", "no-store");            response.setHeader("Pragma", "no-cache");            response.setDateHeader("Expires", 0L);            response.setContentType("image/jpeg");            ImageIO.write(challenge, "jpeg", jpegOutputStream);            byte[] captchaChallengeAsJpeg = jpegOutputStream.toByteArray();            ServletOutputStream respOs = response.getOutputStream();            respOs.write(captchaChallengeAsJpeg);            respOs.flush();            respOs.close();        } catch (IOException e) {            logger.error("generate captcha image error: {}", e.getMessage());        }    }}

5. 测试页面

<div class="span8" style="margin-left: 0px; padding-left: 15px;width:500px"><h3 style="color: #66CCCC;">您的访问太过于频繁！</h3><div class="row"style="margin-top: 10px; margin-left: 0px; padding-left: 15px;"><div id="msgBox" class="alert alert-error" style="display: none;"><button class="close" type="button" id="infoClose">×</button><p id="errorMsg"></p></div><div><label>请输入下面显示的内容：</label> <img id="captchaImg" src="captcha" onclick="this.src='captcha?d='+new Date().getTime()" style="display:block;margin:10px 0;cursor: pointer;"/><input id="index_code" name="code"type="text" /> <input id="preUrl" name="preUrl" type="hidden" value="${preUrl }"/><input id="key" name="key" type="hidden" value="${key }"/></div><div><button class="btn btn-primary"style="background: #00638A; width: 100px" type="button"id="submitBtn" onclick="validateCode()">提交</button></div></div></div><script type="text/javascript">function validateCode(){var code = $('#index_code').val();var key = $('#key').val();$.ajax({url: ctx + "/validateCode",type: "get",data: {code : code,key : key},  success:function(data){  if(data.rCode == "10000"){  if(data.data){  history.back(-1);  } else {  $('#errorMsg').text(data.rmsg);  $('#msgBox').show();  $('#captchaImg').click()  }  }  }});}</script>

6. 验证方法

 public ResultStatus validateCode(String code, String key,HttpSession session){    Boolean isResponseCorrect = imageCaptchaService.validateResponseForID(session.getId(), code);    if (isResponseCorrect) {     TimesHandlerInterceptor.clearCacheRecord(key);    return new ResultStatus("", "10000", true);    } else {    return new ResultStatus("验证码输入错误，请您重新输入", "10000", false);    }    }

这里再记录下验证码功能的ip白名单
1.首先先在web.xml配置ip白名单

 <!-- 频繁访问白名单。支持 * 匹配所有和 -匹配范围。用;分隔 -->  <context-param>    <param-name>rule-ignore-ip</param-name>    <param-value>218.80-100.*.*</param-value>  </context-param>

2. 然后读取配置

if(rule_open != null && "true".equals(rule_open)){UtilTools.setRuleOpen(Boolean.parseBoolean(rule_open));UtilTools.setRuleIgnoreIp(event.getServletContext().getInitParameter("rule-ignore-ip"));}

3. 然后是具体解析ip的方法

private static boolean parseValidate(String ipStr, String pattern) {      String[] ipStrArr = ipStr.split("\\.");      String[] patternArr = pattern.split("\\.");       if ( ipStrArr. length != 4 || patternArr. length != 4) {           return false;      }       int end = ipStrArr. length;       for ( int i = 0; i < end; i++) {       if (patternArr[i].contains("-")) {                    String[] rangeArr = patternArr[i].split("-");           int from = Integer.valueOf(rangeArr[0]).intValue();           int to = Integer.valueOf(rangeArr[1]).intValue();           int value = Integer.valueOf(ipStrArr[i]).intValue();           if ( value < from || value > to) {                return false;          }      }           if ( patternArr[i].equals("*")) {                continue;          }           if (!patternArr[i].equalsIgnoreCase(ipStrArr[i])) {                return false;          }      }       return true;}

4.验证ip

public static boolean validateIP(String ipStr, String ipPattern) {       if ( ipStr == null || ipPattern == null) {           return false;      }      String[] patternList = ipPattern.split(";");       for (String pattern : patternList) {           if ( parseValidate(ipStr, pattern)) {                return true;          }      }       return false;}