spring security2.0如何自定义一个Filter

下面的配置是从数据库中登陆的,已经测试过,可以工作了,<http auto-config='true'>
        <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
        <intercept-url pattern="/**" access="ROLE_USER" />
    </http>    <authentication-provider>
         <password-encoder hash="md5"/>
         <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="select userid,password,workstatus as enabled from myUser where userid=?"
            authorities-by-username-query="select a.userid,b.groupname as authority from myUser a,usergroup b where a.groupid=b.groupid and userid=?"/>
    </authentication-provider>

    <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <beans:property name="driverClassName" value="com.microsoft.jdbc.sqlserver.SQLServerDriver"/>
        <beans:property name="url" value="jdbc:microsoft:sqlserver://10.55.104.38:1433;databasename=mydb"/>
        <beans:property name="username" value="sa"/>
        <beans:property name="password" value="pass"/>
    </beans:bean>现在我想自定义一个Filter,实现验证码的功能

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

下面我自定义了一个FILTER,并按照网上的例子配置,但不工作    <http auto-config="false" entry-point-ref="authenticationProcessingFilterEntryPoint">
        <intercept-url pattern="/admin.jsp" access="ROLE_ADMIN" />
        <intercept-url pattern="/**" access="ROLE_USER" />
    </http>    <authentication-provider>
         <password-encoder hash="md5"/>
         <jdbc-user-service data-source-ref="dataSource"
            users-by-username-query="select userid,password,workstatus as enabled from MyUser where userid=?"
            authorities-by-username-query="select a.userid,b.groupname as authority from Myuser a,usergroup b where a.groupid=b.groupid and userid=?"/>
    </authentication-provider>

    <beans:bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
        <beans:property name="driverClassName" value="com.microsoft.jdbc.sqlserver.SQLServerDriver"/>
        <beans:property name="url" value="jdbc:microsoft:sqlserver://10.55.104.38:1433;databasename=mydb"/>
        <beans:property name="username" value="sa"/>
        <beans:property name="password" value="pass"/>
    </beans:bean>

    <beans:bean id="authenticationProcessingFilter" class="MyAuthenticationProcessingFilter">
        <custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
        <beans:property name="defaultTargetUrl" value="/index.jsp"/>
        <beans:property name="authenticationManager" ref="authenticationManager"/>在这有个警告,提示找不到ref的bean
    </beans:bean>

     <beans:bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
        <beans:property name="loginFormUrl" value="/login.jsp"/>
        <beans:property name="forceHttps" value="false"/>
    </beans:bean>


    <authentication-manager alias="authenticationManager"/>

</beans:beans>
以下是cas-server-3.2的配置方法
1、定义一个类继承自AbstractAction
public class AfterSubmitAction extends AbstractAction{ protected Event doExecute(RequestContext context) throws Exception {
if(是正确的验证码){//这里可以用context.getRequestParameters(name)得到值，相当于request.getParameter(name);
context.getRequestScope().put("code", "1");
return error();
}
return success();
}}2、在cas-servlet中加入 <bean id="afterLoginAction" class="AfterLoginAction"/>3、在login-webflow.xml中找到<view-state id="loginForm" view="casLoginView">
这一行，改成：
<view-state id="loginForm" view="casLoginView">
<render-actions>
<action bean="authenticationViaFormAction" method="setupForm"/>
<action bean="authenticationViaFormAction" method="referenceData"/>
</render-actions>
<transition on="submit" to="afterSubmitAction" />
</view-state> <action-state id="afterSubmitAction">
<action bean="afterSubmitAction" />
<transition on="success" to="bindAndValidate" />
<transition on="error" to="viewLoginForm" />
</action-state>