JSP dynamic generation Verification Code

JSP dynamic generation Verification Code

(1) In application login, to prevent malicious login, the server often needs to dynamically generate a verification code and store it in the range of the session, and finally return it to the client as an image.

(2) Functions of the code below: Write a JSP page, dynamically generate a verification code, store it within the scope of the session, and return it to the client as an image.

Write another JSP page and reference the verification code generated on this JSP page;

The authen. jsp code is as follows:

<% @ Page import = "java. awt. *, java. awt. image. *, java. util. *, com.sun.image.codec.jpeg. *" %> <%! // Random Color variation range generated based on the provided AB Color getColor (int a, int B) {int n = B-a; Random rd = new Random (); int cr = a + rd. nextInt (n); int cg = a + rd. nextInt (n); int cb = a + rd. nextInt (n); return new Color (cr, cg, cb) ;}%><%// the following three lines cancel the client browser cache verification code function response. setHeader ("Pragma", "No-cache"); response. setHeader ("Cache-Control", "no-cache"); response. setDateHeader ("Expires", 0); int width = 60, height = 20; // generate an image in the memory BufferedImage image = new BufferedImage (width, height, BufferedImage. TYPE_INT_RGB); Graphics g = image. getGraphics (); Random random = new Random (); g. setColor (getColor (200,250); g. fillRect (0, 0, width, height); g. setFont (new Font ("Times New Roman", Font. BOLD, 18); g. setColor (getColor (160,200); for (int I = 0; I <160; I ++) {int x = random. nextInt (width); int y = random. nextInt (height); int xl = random. nextInt (12); int yl = random. nextInt (12); g. drawLine (x, y, x + xl, y + yl);} String number = String. valueOf (1000 + random. nextInt (8999); String name = request. getParameter ("name"); session. setAttribute (name, number); g. setColor (getColor (20,130); int x = (int) (width * 0.2); int y = (int) (height * 0.8); g. drawString (number, x, y); g. dispose (); required imageencoder encoder = required codec. createJPEGEncoder (response. getOutputStream (); encoder. encode (image); out. close (); %>

Create a test. jsp page and call the verification code:

<% @ Page contentType = "text/html; charset = gb2312" language = "java" import = "java. SQL. *" errorPage = "" %>
 Untitled document<% // Cancel the Client Cache response. setHeader ("Pragma", "No-cache"); response. setHeader ("Cache-Control", "no-cache"); response. setDateHeader ("Expires", 0); String name = "loginCode"; %> Verification Code: "/>

(3) The client cache can be canceled on both pages. This is because another browser, such as the Internet Explorer browser,

The image will be placed in the cache first. When the request is made again, it will be found in the memory to see if it already exists. If yes, it will not be requested. This will cause refresh Verification

The Verification Code fails. To prevent the browser from reading cached images, you must cancel the cache;

(4) OK! End now!