动手实现随机验证码

动手实现随机验证码 见过好几种类型的验证码,一开始觉得验证码的生成很神奇,后来发现验证码也是可以用Java轻松实现的。今天就来做一做这件事情。

首先,来写一个画验证码图片的Java类:

package com.xxx.validationCode;

import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class ValidationCode extends HttpServlet{
    
    public static String getValidationCodes(OutputStream os){
        char codeTable[]={
                'a','b','c','d','e','f','g','h','i','j','k','l',
                'm','n','p','q','r','s','t','u','v','w','x','y','z',
                'A','B','C','D','E','F','G','H','I','J','K','L',
                'M','N','P','Q','R','S','T','U','V','W','X','Y','Z',
                '1','2','3','4','5','6','7','8','9'
            };    //判断时大小写不区分,另外,没有使用'O'和'0',也是怕混淆的麻烦    
        
        BufferedImage image = new BufferedImage(60, 20, 
                                    BufferedImage.TYPE_INT_RGB); 
        //生成60×20的RGB图片
        Graphics graphic = image.getGraphics();
        //背景色 
        graphic.setColor(new Color(0xDCDCDC)); 
        graphic.fillRect(0, 0, 60, 20); 
        
        char codes[] = new char[4];
        //随机产生验证码
        for(int i=0; i<=3; i++) {
            codes[i] = codeTable[(int)(codeTable.length*Math.random())];
        }
        
        //把字画上去
        graphic.setColor(Color.BLACK);
        graphic.setFont(new Font("Arial", Font.BOLD, 16));
        for(int i=0; i<=3; i++){
            graphic.drawChars(codes, i, 1, 2+15*i, 15+i);
            //把codes[i]画到坐标为[10+5*i,15+i]的地方去
        }
        
        //15个干扰点
        Random rand = new Random();
        for (int i=0;i<15;i++)
            graphic.drawOval(rand.nextInt(60),rand.nextInt(20),1,1);
        
        //释放此图形的上下文并释放它所使用的所有系统资源
        graphic.dispose();
        
        try {
            ImageIO.write(image, "JPEG", os);
        } catch (IOException e) {
            e.printStackTrace();
        }
        
        return new String(codes,0,codes.length);
    }

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request,response);
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.getSession().setAttribute("validationCodes", getValidationCodes(response.getOutputStream()));
    }
    
}

然后,写一个Servlet将生成的图片写入页面:

package com.xxx.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.xxx.validationCode.ValidationCode;

public class ValidationServlet extends HttpServlet {

    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request,response);
    }

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String str = ValidationCode.getValidationCodes(response.getOutputStream());
        request.getSession().setAttribute("validationCodes", str);
    }

}

接着,在login.jsp中加入如下表单:

<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>

<form action="<%=basePath+"servlet/LoginServlet"%>">
    <img src="<%=basePath+"servlet/ValidationServlet"%>"/>
    <br>
    <input type="text" name="codes"/>
    <input type="submit"/>
</form>

再写进行后台判断的Servlet:

package com.xxx.servlet;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class LoginServlet extends HttpServlet {
    public void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        doPost(request,response);
    }
    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        if(request.getSession().getAttribute("validationCodes").toString().toLowerCase()
                    .equals(request.getParameter("codes").toString().toLowerCase()))
            response.getOutputStream().println("Right!");
        else
            response.getOutputStream().println("Wrong!");
        
    }

}

文章未经特殊标明皆为本人原创,未经许可不得用于任何商业用途,转载请保持完整性并注明来源链接《四火的唠叨》

分享到:

One comment

  1. [...] 验证码当然可以被识别,随着破解和反破解技术的发展,验证码的技术日新月异(简单的验证码很容易实现,在我刚开始学习JavaEE的时候,曾经写过一个验证码的实现程序)。最初对于验证码的机器识别,大多采用“规则”的方式来实现,而如今则利用给定破解成功和失败的数据集合,更多地采用机器学习的方式来实现。另一方面,也不要忽视“人工破解”的价值,比如利用一些非法运营的网站,吸引用户在登陆、下载等等行为以前,输入待破解的验证码,让用户来帮助破解验证码。 [...]

发表评论

电子邮件地址不会被公开。

您可以使用这些 HTML 标签和属性: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>


Preview on Feedage: