// 验证码校验
 protected void doCaptchaValidate(HttpServletRequest request, CaptchaUsernamePasswordToken token) {
   String captcha =
       (String)
           request
               .getSession()
               .getAttribute(com.google.code.kaptcha.Constants.KAPTCHA_SESSION_KEY);
   if (StringUtils.isBlank(captcha) || !captcha.equalsIgnoreCase(token.getCaptcha())) {
     throw new IncorrectCaptchaException("验证码错误!");
   }
 }
 /** 登录认证,失败会捕获相关异常信息 */
 protected boolean executeLogin(ServletRequest request, ServletResponse response)
     throws Exception {
   CaptchaUsernamePasswordToken token =
       (CaptchaUsernamePasswordToken) createToken(request, response);
   try {
     doCaptchaValidate((HttpServletRequest) request, token);
     if (token.getUsername().equals("NO")) {
       throw new DisabledAccountException("该用户被禁用,请联系客服!");
     }
     Subject subject = getSubject(request, response);
     subject.login(token);
     HttpSession session = ((HttpServletRequest) request).getSession(false);
     Member member = (Member) subject.getPrincipal();
     session.setAttribute("currentMember", member);
     session.setAttribute("currentMemberWork", memberService.getMemberWork(member.getMemberId()));
     int messageNoticCount = loginTotalMessageNotic(member.getMemberId());
     session.setAttribute("messageNoticCount", messageNoticCount);
     memberService.updateIntegra(member.getMemberId());
     return onLoginSuccess(token, subject, request, response);
   } catch (AuthenticationException e) {
     return onLoginFailure(token, e, request, response);
   }
 }