验证码:
主要用于防止猜测密码,很多软件通过自动猜测密码的方式来破解密码,如果设置了验证码,那么黑客编写的软件就不能正确识别验证码,从而实现不能通过软件尝试破解密码的作用,我们在登录系统时,需要输入验证码,它延长了操作者的时间对用户体验很不利,为什么这么多网站还要用呢?欢迎访问博客:验证码有什么用?为什么要用验证码?
怎么用?
1、配置web.xml文件:
<servlet>
<servlet-name>AuthImageServlet</servlet-name>
<servlet-class>com.orcl.drp.util.servlet.AuthImageServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>AuthImageServlet</servlet-name>
<url-pattern>/servlet/AuthImageServlet</url-pattern>
</servlet-mapping>
2、AuthImageServlet类代码:
public class AuthImageServlet extends HttpServlet
{
private static final String CONTENT_TYPE = "text/html; charset=gb2312";
//设置字母的大小,大小
private Font mFont = new Font("Times New Roman", Font.PLAIN, 17);
public void init() throws ServletException
{
super.init();
}
Color getRandColor(int fc,int bc)
{
Random random = new Random();
if(fc>255) fc=255;
if(bc>255) bc=255;
int r=fc+random.nextInt(bc-fc);
int g=fc+random.nextInt(bc-fc);
int b=fc+random.nextInt(bc-fc);
return new Color(r,g,b);
}
public void service(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
response.setHeader("Pragma","No-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
//表明生成的响应是图片
response.setContentType("image/jpeg");
int width=100, height=18;
BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
Graphics g = image.getGraphics();
Random random = new Random();
g.setColor(getRandColor(200,250));
g.fillRect(1, 1, width-1, height-1);
g.setColor(new Color(102,102,102));
g.drawRect(0, 0, width-1, height-1);
g.setFont(mFont);
g.setColor(getRandColor(160,200));
//画随机线
for (int i=0;i<155;i++)
{
int x = random.nextInt(width - 1);
int y = random.nextInt(height - 1);
int xl = random.nextInt(6) + 1;
int yl = random.nextInt(12) + 1;
g.drawLine(x,y,x + xl,y + yl);
}
//从另一方向画随机线
for (int i = 0;i < 70;i++)
{
int x = random.nextInt(width - 1);
int y = random.nextInt(height - 1);
int xl = random.nextInt(12) + 1;
int yl = random.nextInt(6) + 1;
g.drawLine(x,y,x - xl,y - yl);
}
//生成随机数,并将随机数字转换为字母
String sRand="";
for (int i=0;i<6;i++)
{
int itmp = random.nextInt(26) + 65;
char ctmp = (char)itmp;
sRand += String.valueOf(ctmp);
g.setColor(new Color(20+random.nextInt(110),20+random.nextInt(110),20+random.nextInt(110)));
g.drawString(String.valueOf(ctmp),15*i+10,16);
}
HttpSession session = request.getSession(true);
session.setAttribute("rand",sRand);
g.dispose();
ImageIO.write(image, "JPEG", response.getOutputStream());
}
public void destroy()
{
}
}
3、jsp页面关键代码:
String authCode = request.getParameter("authCode");
//输入的与session中作比较,忽略大小写
if (!authCode.trim().equalsIgnoreCase((String)session.getAttribute("rand"))) {
out.println("验证码不正确!");
}
<TD align=left><FONT face="verdana, arial, helvetica, sans-serif" size=-1>验证码:</FONT></TD><TD align=left> <INPUT name="authCode" type="text" size="6" maxlength="6"> <img src="${pageContext.request.contextPath }/servlet/AuthImageServlet"></TD>
实现效果:
