/** 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码 */ @Override protected boolean onLoginFailure( AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) { if (e instanceof CaptchaValidationException) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } else if (e instanceof IncorrectCredentialsException) { // 消息友好提示 e = new IncorrectCredentialsException("登录账号或密码不正确"); // 失败记录 SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token; User authAccount = userService.findByAuthTypeAndAuthUid( User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername()); if (authAccount != null) { authAccount.setLogonTimes(authAccount.getLogonTimes() + 1); authAccount.setLastLogonFailureTime(DateUtils.currentDate()); authAccount.setLogonFailureTimes(authAccount.getLogonFailureTimes() + 1); userService.save(authAccount); // 达到验证失败次数限制,传递标志属性,登录界面显示验证码输入 if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } } } return super.onLoginFailure(token, e, request, response); }