實現session驗證的lservlet驗證碼

 JSP頁面：

<%@ page language="java" import="java.util.*" pageEncoding="utf-8"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
  <head>
    <base href="<%=basePath%>">
   
    <title>login.jsp</title>
 <meta http-equiv="pragma" content="no-cache">
 <meta http-equiv="cache-control" content="no-cache">
 <meta http-equiv="expires" content="0">   
 <meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
 <meta http-equiv="description" content="This is my page">
 <!--
 <link rel="stylesheet" type="text/css" href="styles.css">
 -->
 
  </head>
 
  <body>
  <form  name="form1" action="./servlet/LogonFormServlet" method="post">
      <table align="center" width="299" height="153">
       <tr>
        <td><div><strong>用戶名：</strong><input type="text" name="username"></div></td>
       </tr>
       <tr>
        <td><strong>密&nbsp;&nbsp; 碼：</strong><input type="password" name="pwd"></td>
       </tr>
       <tr>
        <td>驗證碼：<input type="text" name="check_code">&nbsp;
    <img src="./servlet/CheckCodeServlet"></img></td> 
       </tr>
       <tr>
        <td align="center"><input type="submit" value="登  錄">&nbsp;&nbsp;&nbsp;&nbsp;
         <input type="reset" value="重  設">
                 
        </td>
       </tr>
      </table><br>
    </form>
  </body>
</html>

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

package cn;
import java.awt.*;
import java.awt.image.*;
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.imageio.*;

public class CheckCodeServlet extends HttpServlet {

 /**
  * Constructor of the object.
  */
 public CheckCodeServlet() {
  super();
 }

 /**
  * The doGet method of the servlet. <br>
  *
  * This method is called when a form has its tag value method equals to get.
  *
  * @param request the request send by the client to the server
  * @param response the response send by the server to the client
  * @throws ServletException if an error occurred
  * @throws IOException if an error occurred
  */
 private static int WIDTH = 60;
 private static int HEIGHT = 20;
 public void doGet(HttpServletRequest request, HttpServletResponse response)
   throws ServletException, IOException {
  
  response.setContentType("text/html");
  //PrintWriter out = response.getWriter();
  HttpSession session = request.getSession();
  response.setContentType("image/jpeg");
  ServletOutputStream sos = response.getOutputStream();
  response.setHeader("Pragma", "No-cache");
  response.setHeader("Cache-Control", "no-cache");
  response.setDateHeader("Expires", 0);
  //創建內存圖像
  BufferedImage image = new BufferedImage(WIDTH,HEIGHT,BufferedImage.TYPE_INT_BGR);
  Graphics g = image.getGraphics();
  //產生隨機的驗證碼
  char[] rands = generateChekCode();
  //產生背景
  drawground(g);
  drawRands(g,rands);
  //方法結束
  g.dispose();
  
  //輸出到客戶端
  ByteArrayOutputStream bos = new ByteArrayOutputStream();
  ImageIO.write(image, "jpeg", bos);
  byte[] buf = bos.toByteArray();
  response.setContentLength(buf.length);
  sos.write(buf);
  bos.close();
  sos.close();
  
  //將當前的驗證碼存入session中
  
  session.setAttribute("check_code", new String(rands));
  
 }
 
 //產生隨機數
 
 private char[] generateChekCode(){
  //定義驗證的字符串
  String chars = "1234567890abcdefghijklmnopqrstuvwxyz";
  char [] rands = new char[4];
  for(int i=0;i<rands.length;i++)
  {
   int rand = (int)(Math.random() * 36);
   rands[i] = chars.charAt(rand);
  }
  return rands;
 }
 
 //產生圖像
 
 private void drawRands(Graphics g,char[] rands)
 {
  g.setColor(Color.BLACK);
  g.setFont(new Font(null,Font.ITALIC|Font.BOLD,18));
  //在不同的高度上輸出驗證碼文字
  g.drawString(""+rands[0],3,15);
  g.drawString(""+rands[1],17,15);
  g.drawString(""+rands[2],32,15);
  g.drawString(""+rands[3],46,16);
  System.out.println(rands);
 }
 
 //畫背景
 
 private void drawground(Graphics g)
 {
  g.setColor(Color.green);
  g.fillRect(0, 0, WIDTH, HEIGHT);
  
  //隨機產生120個干擾點
  
  for(int i=0;i<120;i++)
  {
   int x = (int)(Math.random()*WIDTH);
   int y = (int)(Math.random()*HEIGHT);
   int red = (int)(Math.random()*255);
   int green = (int)(Math.random()*255);
   int blue = (int)(Math.random()*255);
   g.setColor(new Color(red,green,blue));
   g.drawOval(x, y, 1, 0);
  }
 }

}
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

package cn;

import java.io.*;

import javax.servlet.*;
import javax.servlet.http.*;

public class LogonFormServlet extends HttpServlet {

 /**
  * Constructor of the object.
  */
 public LogonFormServlet() {
  super();
 }
 public void service(HttpServletRequest request, HttpServletResponse response)
 throws ServletException, IOException {
  response.setContentType("text/html;charset=GB2312");
  PrintWriter out = response.getWriter();
  
  HttpSession session = request.getSession(false);
  System.out.println(session+"AAAAAAAAAA");
  if(session==null){
   out.println("驗證碼問題");
   return;
  }
  String savedCode = (String)session.getAttribute("check_code");
  if(savedCode == null){
   out.println("驗證碼不對");
   return;
  }
  String checkCode = (String) request.getParameter("check_code");
  if(!savedCode.equals(checkCode))
  {
   out.println("驗證碼無效");
   return;
  }
  session.removeAttribute("check_code");
  out.println("驗證碼通過");
 }
}