jcaptcha组件小小改造解决Invalid ID, could not validate une
jcaptcha是一款很好的java实现的验证码组件,官方地址:http://jcaptcha.sourceforge.net/
在使用jcaptcha过程当中,我相信不少人在用ajax校验验证码的时候都遇到过下面这样的异常:
java
Invalid ID, could not validate unexisting or already validated captchaajax
其实分析jcaptcha源码不可贵知,这个异常是由于AbstractCaptchaService中的validateResponseForID方法逻辑在捣乱,看看源码:session
public Boolean validateResponseForID(String ID, Object response)
throws CaptchaServiceException
{
if (!this.store.hasCaptcha(ID)) {
throw new CaptchaServiceException("Invalid ID, could not validate unexisting or already validated captcha");
}
Boolean valid = this.store.getCaptcha(ID).validateResponse(response);
this.store.removeCaptcha(ID);
return valid;
}
其中有句this.store.removeCaptcha(ID);,就是这句代码在捣乱。这句代码的意思就是说,无论何时,一档执行了validateResponseForID方法,就会把原来的那个session从store当中移除,那么这样,若是你采用的是ajax提交校验的话,验证码生成逻辑没有从新执行,就会报上面的Invalid ID异常,若是是校验失败就从新刷新页面从新生成应该就问题,没有验证是否是这样,道理就是这么个道理了……
那么为了知足ajax校验,咱们作点稍微的改造:
首先咱们若是采用的GenericManageableCaptchaService做为CaptchaService实现类,我就自定义一个Service来继承GenericManageableCaptchaService,代码以下:ide
public class CustomGenericManageableCaptchaService extends
GenericManageableCaptchaService {
/**
* The constructor method of class CustomManageableCaptchaService.java .
*
* @param captchaEngine
* @param minGuarantedStorageDelayInSeconds
* @param maxCaptchaStoreSize
* @param captchaStoreLoadBeforeGarbageCollection
*/
public CustomGenericManageableCaptchaService(CaptchaEngine captchaEngine,
int minGuarantedStorageDelayInSeconds, int maxCaptchaStoreSize,
int captchaStoreLoadBeforeGarbageCollection) {
super(captchaEngine, minGuarantedStorageDelayInSeconds,
maxCaptchaStoreSize, captchaStoreLoadBeforeGarbageCollection);
}
/**
* The constructor method of class CustomManageableCaptchaService.java .
*
* @param captchaStore
* @param captchaEngine
* @param minGuarantedStorageDelayInSeconds
* @param maxCaptchaStoreSize
* @param captchaStoreLoadBeforeGarbageCollection
*/
public CustomGenericManageableCaptchaService(CaptchaStore captchaStore,
CaptchaEngine captchaEngine, int minGuarantedStorageDelayInSeconds,
int maxCaptchaStoreSize, int captchaStoreLoadBeforeGarbageCollection) {
super(captchaStore, captchaEngine, minGuarantedStorageDelayInSeconds,
maxCaptchaStoreSize, captchaStoreLoadBeforeGarbageCollection);
}
/**
* 修改验证码校验逻辑,默认的是执行了该方法后,就把sessionid从store当中移除<br/>
* 然而在ajax校验的时候,若是第一次验证失败,第二次还得从新刷新验证码,这种逻辑不合理<br/>
* 如今修改逻辑,只有校验经过之后,才移除sessionid。 Method Name:validateResponseForID .
*
* @param ID
* @param response
* @return
* @throws CaptchaServiceException
* the return type:Boolean
*/
@Override
public Boolean validateResponseForID(String ID, Object response)
throws CaptchaServiceException {
if (!this.store.hasCaptcha(ID)) {
throw new CaptchaServiceException(
"Invalid ID, could not validate unexisting or already validated captcha");
}
Boolean valid = this.store.getCaptcha(ID).validateResponse(response);
//源码的这一句是没被注释的,这里咱们注释掉,在下面暴露一个方法给咱们本身来移除sessionId
//this.store.removeCaptcha(ID);
return valid;
}
/**
* 移除session绑定的验证码信息.
* Method Name:removeCaptcha .
* @param sessionId
* the return type:void
*/
public void removeCaptcha(String sessionId){
if(sessionId!=null && this.store.hasCaptcha(sessionId)){
this.store.removeCaptcha(sessionId);
}
}
}
从代码中咱们能够看到两个改造:
一、重写了validateResponseForID方法,只是注释了一行代码;
二、增长了一个方法removeCaptcha,用来让咱们手工移除session对应的验证码信息this
而后就把bean对应的实现类指定到咱们的自定义实现上,以下:spa
<bean id="captchaService" class="com.cmcc.ict.iplanning.captcha.CustomGenericManageableCaptchaService"> <constructor-arg index="0"><ref bean="imageEngine"/></constructor-arg> <constructor-arg index="1"><value>180</value></constructor-arg> <constructor-arg index="2"><value>180000</value></constructor-arg> <constructor-arg index="3"><value>75000</value></constructor-arg> </bean>
最后就是在你的业务逻辑里面手动调用removeCapthca()方法了,例如:.net
try {code
currentUser.login(token);继承
....token
//成功之后移除验证码信息
captchaService.removeCaptcha(sessionId);
} catch (UnknownAccountException uae) {
....
} catch (IncorrectCredentialsException ice) {
....
} catch (LockedAccountException lae) {
....
} catch (ExcessiveAttemptsException eae) {
....
} catch (AuthenticationException ae) {
....
}
- 1. com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certifi
- 2. Could not validate ASMSNMP Password ORA-01017
- 3. JCaptcha报异常
- 4. Could not set property 'id' of
- 5. ElementUI radio 小改造
- 6. Could not load OpenSSL解决
- 7. Could NOT find OpenJPEG未解决
- 8. 解决Could not find manifest-merger.jar
- 9. 解决 Could not resolve com.android.tools.build:gradle:3.1.3
- 10. 解决:Could not resolve archetype org.apache.maven.archetypes
- 更多相关文章...
- • SVN 解决冲突 - SVN 教程
- • MySQL FLOAT、DOUBLE、DECIMAL(小数类型) - MySQL教程
- • SpringBoot中properties文件不能自动提示解决方法
- • Scala 中文乱码解决
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. 在windows下的虚拟机中,安装华为电脑的deepin操作系统
- 2. 强烈推荐款下载不限速解析神器
- 3. 【区块链技术】孙宇晨:区块链技术带来金融服务的信任变革
- 4. 搜索引起的链接分析-计算网页的重要性
- 5. TiDB x 微众银行 | 耗时降低 58%,分布式架构助力实现普惠金融
- 6. 《数字孪生体技术白皮书》重磅发布(附完整版下载)
- 7. 双十一“避坑”指南:区块链电子合同为电商交易保驾护航!
- 8. 区块链产业,怎样“链”住未来?
- 9. OpenglRipper使用教程
- 10. springcloud请求一次好用一次不好用zuul Name or service not known
- 1. com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException: Could not validate certifi
- 2. Could not validate ASMSNMP Password ORA-01017
- 3. JCaptcha报异常
- 4. Could not set property 'id' of
- 5. ElementUI radio 小改造
- 6. Could not load OpenSSL解决
- 7. Could NOT find OpenJPEG未解决
- 8. 解决Could not find manifest-merger.jar
- 9. 解决 Could not resolve com.android.tools.build:gradle:3.1.3
- 10. 解决:Could not resolve archetype org.apache.maven.archetypes