JSP implementation of graphics authentication code technology

js| Graphics

The implementation of authentication code technology requires the following aspects of preparation:

1. Generate Authentication Code:

We can allow the system to randomly generate a number as the authentication code, which can be achieved in both JavaScript scripting language and the Java language. The former can use Math.random () to get a decimal between 0 and 1, multiply it by 10000 and then take the whole part, you can get a random number between 0 to 9999. The latter can use the Nextint (N) method of the random class to obtain a random class between 0 and N-1.

When implemented, we used the former, that is, the random number generated by JavaScript as the authentication code. The main reason is that JavaScript is the HTML built-in scripting language, whether the page is forward, backward or refresh, can ensure the timely generation of new authentication code, increased randomness. With the Java implementation, then do not have this feature, the browser also saved the original authentication code, randomness is not strong.

2. Generate Authentication Code images:

This is the more critical part. Fortunately, the Java language provides us with strong support. We can use the BufferedImage class to draw images in memory, and we can use the ImageIO class to output the image to a JSP page. When we draw the image, we can draw the randomly generated authentication code into the image, and then display it in front of the user. Another, in order to increase the difficulty of deciphering, we can draw some random points.

3. Save Authentication Code:

In the JSP language, we can make full use of the language built-in session object to save the value of the authentication code, the method is: Session.setattribute ("Authentication code name", the value of the authentication code). and can be Session.getattribute ("Authentication Code name") to obtain the system to save the value of the authentication code, and user input authentication code comparison, is very convenient.

Third, the implementation of the JSP authentication code technology

1. image.jsp

The function of this JSP program is to generate the corresponding authentication code image according to the page parameter rand, and to set the session variable rand so that check.jsp can be used when validating the authentication code entered by the user.

The source program is as follows:
<%@ page contenttype= "image/jpeg" import= "java.awt.*,
Java.awt.image.*,java.util.*,javax.imageio.* "%>
<%
Create an image in memory
int width=60, height=20;
BufferedImage image = new BufferedImage (width, height,
BUFFEREDIMAGE.TYPE_INT_RGB);

Get Graphics context
Graphics g = image.getgraphics ();

Set Background color
G.setcolor (Color.White);
G.fillrect (0, 0, width, height);

Draw a border
G.setcolor (Color.Black);
G.drawrect (0,0,width-1,height-1);

Take a randomly generated authentication code (4 digits)
String rand = Request.getparameter ("Rand");
Rand = rand.substring (0,rand.indexof ("."));
Switch (Rand.length ())
{
Case 1:rand = "+rand"; Break
Case 2:rand = "+rand"; Break
Case 3:rand = "0" +rand; Break
Default:rand = rand.substring (0,4); Break
}

Save authentication Code in session
Session.setattribute ("Rand", Rand);

Display the authentication code in the image
G.setcolor (Color.Black);
G.setfont (New Font ("Times New Roman", font.plain,18));
g.DrawString (rand,10,15);

Randomly generated 88 interference points, so that the image of the authentication code is not easily detected by other programs
Random Random = new Random ();
for (int i=0;i<88;i++)
{
int x = random.nextint (width);
int y = random.nextint (height);
G.drawline (X,y,x,y);
}

Image entry into force
G.dispose ();

Output image to Page
Imageio.write (Image, "JPEG", Response.getoutputstream ());

%>
2. a.jsp

The function of this JSP program is to display the authentication code, and provide the form for the user to enter the authentication code for verification. Note that the program displays the authentication code image, uses the JavaScript document.write, and uses the Math.random function, thus guaranteed the authentication code the timely renewal characteristic.

The source program is as follows:
<%@ page contenttype= "text/html;charset=gb2312"%>
<! DOCTYPE HTML PUBLIC "-//w3c//dtd HTML 4.01 transitional//en"
<title> Authentication Code Input page </title>
<meta http-equiv= "Content-type" content= "text/html; charset=gb2312"
<meta http-equiv= "Pragma" content= "No-cache" >
<meta http-equiv= "Cache-control" content= "No-cache" >
< META http-equiv= "Expires" content= "0" >
<body>
<form method=post-action= " check.jsp
<table>
<tr>
<TD align=left> system generated authentication code: </TD>
<td>< Script>document.write (" Rand= "+math.random () *10000+" > "); </script></td>
</tr>
<tr>
<td Align=left > Enter the authentication code above: </td>
<td><input type=text name=rand maxlength=4 value= "></TD>
</tr
<tr>
<td colspan=2 ALIGN=CENTER><input type=submit value= "Submit Detection" ></TD>
</tr>
</form>
</body>

3. check.jsp

This JSP program's role is to compare the user input authentication code and session variables saved in the authentication code, the same prompt authentication success, otherwise prompted authentication failed.

The source program is as follows:

<%@ page contenttype= "text/html; charset=gb2312 "Language=" Java "
Import= "java.sql.*" errorpage= ""%>
<title> Authentication Code Verification page </title>
<meta http-equiv= "Content-type" content= "text/html; charset=gb2312 ">
<meta http-equiv= "Pragma" content= "No-cache" >
<meta http-equiv= "Cache-control" content= "No-cache" >
<meta http-equiv= "Expires" content= "0" >

<body>
<%
String rand = (string) session.getattribute ("Rand");
String input = Request.getparameter ("Rand");
%>
The authentication code generated by the system is: <%= Rand%><br>
The authentication code you have entered is: <%= input%><br>
<br>
<%
if (rand.equals (input)) {
%>
<font color=green> Input the same, authentication success! </font>
<%
} else {
%>
<font color=red> input is different, authentication failed! </font>
<%
}
%>
</body>