防机器登录验证码的实现 与 输入匹配验证
2017-07-09 19:30
573 查看
代码:
login.jsp
ImageServlet.java(生成验证码图片的servlet)
登录验证
Login.java
package com.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.bean.User;
import com.dao.UserDao;
@WebServlet("/Login")
public class Login extends HttpServlet {
private static final long serialVersionUID = 1L;
public Login() {
super();
// TODO Auto-generated constructor stub
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
//设置编码
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.setHeader("Content-Type","text/html; charset=utf-8");
HttpSession session = request.getSession();
String validation_code = (String)session.getAttribute("validateCode");
String user_name = request.getParameter("username");
String user_password = request.getParameter("password");
String user_kind = request.getParameter("kind");
String verifycode = request.getParameter("verifycode");
UserDao dao = new UserDao();
User user = dao.login(user_name, user_password, user_kind);
System.out.println("用户"+user+user_name+user_password+user_kind);
//request.getSession().setAttribute("username", user_name);
if(!verifycode.equalsIgnoreCase(validation_code)){
request.getSession().setAttribute("verify", "验证码错误,请重新输入!"); //输入的验证码与图片的验证码不一致
response.sendRedirect(request.getContextPath()+"/login.jsp");
}
else{
if(user != null){
request.getSession().setAttribute("user", user);
if(user_kind.equals("管理员")){
request.getRequestDispatcher("jsp/ManagerMainPage.jsp").forward(request, response);
//response.sendRedirect("jsp/ManagerMainPage.jsp");
return;
}
else{
request.getRequestDispatcher("jsp/EmployeeMainPage.jsp").forward(request, response);
//response.sendRedirect("jsp/EmployeeMainPage.jsp");
return;
}
}
else{
request.getSession().setAttribute("message", "用户名或密码错误!"); //登录信息验证错误
//response.getWriter().write("<script language='javascript'>alert('用户名或密码不正确!')</script>");
//request.getRequestDispatcher("/login.jsp").forward(request, response);
response.sendRedirect(request.getContextPath()+"/login.jsp");
}
}
}
}
截图:
#密码正确,验证码匹配,登录成功
login.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>登录验证</title> <script type="text/javascript"> function changeImage() { var img = document.getElementsByTagName("img")[0]; img.src="${pageContext.request.contextPath }/ImageServlet?time="+new Date().getTime();//这个目的是防止缓存不刷新验证码 } function check(){ var uname = document.getElementById("uname").value; var upassword = document.getElementById("upassword").value; var verifycode = document.getElementById("verifycode").value; var validateCode = '<%=session.getAttribute("validateCode")%>' if(uname==""){ alert("用户名为空!"); return false; } if(upassword==""){ alert("密码为空!"); return false; } if(verifycode==""){ alert("请填写验证码!"); return false; } if(validateCode.equals(verifycode)){ alert("验证码错误!"); return false; } } if(window.top!=window){ window.top.location = "Login"; } </script> </head> <body> <center> <h1>用户登录</h1> <hr/> <% Object validateCode = session.getAttribute("validateCode"); System.out.println("你的验证码是:"+validateCode); %> <form action="Login" method="post" onsubmit="return check()"> <table border="0" width="360px"> <tr> <td align="right">用户名:</td> <td><input type="text" id="uname" name="username" style="width: 180px"/></td> </tr> <tr> <td align="right">密 码:</td> <td><input type="password" id="upassword" name="password" style="width: 180px"/></td> </tr> <tr> <td align="right">验证码:</td> <td><input type="text" id="verifycode" style="width: 180px" name="verifycode"/></td> <td><img alt="换一张看看" src="/Siemens/ImageServlet" align="left" onclick="changeImage()" /></td> </tr> <tr> <td><input type="radio" name="kind" value="员工" checked="checked">员工</td> <td><input type="radio" name="kind" value="管理员">管理员</td> </tr> <tr> <td align="right"><input type="submit" value="登录"/></td> <td><input type="reset" value="重置"/></td> </tr> <tr> <td></td> <td><font color="red">${message}</font></td> </tr> <tr> <td></td> <td><font color="red">${verify}</font></td> </tr> </table> </form> </center> </body> </html>
ImageServlet.java(生成验证码图片的servlet)
package com.servlet; import java.awt.Color; import java.awt.Font; import java.awt.Graphics2D; import java.awt.image.BufferedImage; import java.util.Random; import javax.imageio.ImageIO; import javax.servlet.ServletException; import javax.servlet.ServletOutputStream; import javax.servlet.annotation.WebServlet; import javax.servlet.http.HttpServlet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; @WebServlet("/ImageServlet") public class ImageServlet extends HttpServlet { private static final long serialVersionUID = 1L; // 验证码图片的宽度。 private int width = 100; // 验证码图片的高度。 private int height = 25; // 验证码字符个数 private int codeCount = 4; private int x = 0; // 字体高度 private int fontHeight; private int codeY; char[] codeSequence = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' }; /** * 初始化验证图片属性 */ public void init() throws ServletException { // 从web.xml中获取初始信息 // 宽度 String strWidth = this.getInitParameter("width"); // 高度 String strHeight = this.getInitParameter("height"); // 字符个数 String strCodeCount = this.getInitParameter("codeCount"); // 将配置的信息转换成数值 try { if (strWidth != null && strWidth.length() != 0) { width = Integer.parseInt(strWidth); } if (strHeight != null && strHeight.length() != 0) { height = Integer.parseInt(strHeight); } if (strCodeCount != null && strCodeCount.length() != 0) { codeCount = Integer.parseInt(strCodeCount); } } catch (NumberFormatException e) { e.printStackTrace(); } x = width / (codeCount + 1); fontHeight = height - 2; codeY = height - 4; } protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, java.io.IOException { // 定义图像buffer BufferedImage buffImg = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB); Graphics2D g = buffImg.createGraphics(); // 创建一个随机数生成器类 Random random = new Random(); // 将图像填充为白色 g.setColor(Color.WHITE); g.fillRect(0, 0, width, height); // 创建字体,字体的大小应该根据图片的高度来定。 Font font = new Font("Fixedsys", Font.PLAIN, fontHeight); // 设置字体。 g.setFont(font); // 画边框。 g.setColor(Color.BLACK); g.drawRect(0, 0, width - 1, height - 1); // 随机产生160条干扰线,使图象中的认证码不易被其它程序探测到。 g.setColor(Color.BLACK); for (int i = 0; i < 160; i++) { int x = random.nextInt(width); int y = random.nextInt(height); int xl = random.nextInt(12); int yl = random.nextInt(12); g.drawLine(x, y, x + xl, y + yl); } // randomCode用于保存随机产生的验证码,以便用户登录后进行验证。 StringBuffer randomCode = new StringBuffer(); int red = 0, green = 0, blue = 0; // 随机产生codeCount数字的验证码。 for (int i = 0; i < codeCount; i++) { // 得到随机产生的验证码数字。 String strRand = String.valueOf(codeSequence[random.nextInt(36)]); // 产生随机的颜色分量来构造颜色值,这样输出的每位数字的颜色值都将不同。 red = random.nextInt(255); green = random.nextInt(255); blue = random.nextInt(255); // 用随机产生的颜色将验证码绘制到图像中。 g.setColor(new Color(red, green, blue)); g.drawString(strRand, (i + 1) * x, codeY); // 将产生的四个随机数组合在一起。 randomCode.append(strRand); } // 将四位数字的验证码保存到Session中。 HttpSession session = req.getSession(); session.setAttribute("validateCode", randomCode.toString()); // 禁止图像缓存。 resp.setHeader("Pragma", "no-cache"); resp.setHeader("Cache-Control", "no-cache"); resp.setDateHeader("Expires", 0); resp.setContentType("image/jpeg"); // 将图像输出到Servlet输出流中。 ServletOutputStream sos = resp.getOutputStream(); ImageIO.write(buffImg, "jpeg", sos); sos.close(); } }
登录验证
Login.java
package com.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.bean.User;
import com.dao.UserDao;
@WebServlet("/Login")
public class Login extends HttpServlet {
private static final long serialVersionUID = 1L;
public Login() {
super();
// TODO Auto-generated constructor stub
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
doPost(request, response);
}
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
// TODO Auto-generated method stub
//设置编码
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.setHeader("Content-Type","text/html; charset=utf-8");
HttpSession session = request.getSession();
String validation_code = (String)session.getAttribute("validateCode");
String user_name = request.getParameter("username");
String user_password = request.getParameter("password");
String user_kind = request.getParameter("kind");
String verifycode = request.getParameter("verifycode");
UserDao dao = new UserDao();
User user = dao.login(user_name, user_password, user_kind);
System.out.println("用户"+user+user_name+user_password+user_kind);
//request.getSession().setAttribute("username", user_name);
if(!verifycode.equalsIgnoreCase(validation_code)){
request.getSession().setAttribute("verify", "验证码错误,请重新输入!"); //输入的验证码与图片的验证码不一致
response.sendRedirect(request.getContextPath()+"/login.jsp");
}
else{
if(user != null){
request.getSession().setAttribute("user", user);
if(user_kind.equals("管理员")){
request.getRequestDispatcher("jsp/ManagerMainPage.jsp").forward(request, response);
//response.sendRedirect("jsp/ManagerMainPage.jsp");
return;
}
else{
request.getRequestDispatcher("jsp/EmployeeMainPage.jsp").forward(request, response);
//response.sendRedirect("jsp/EmployeeMainPage.jsp");
return;
}
}
else{
request.getSession().setAttribute("message", "用户名或密码错误!"); //登录信息验证错误
//response.getWriter().write("<script language='javascript'>alert('用户名或密码不正确!')</script>");
//request.getRequestDispatcher("/login.jsp").forward(request, response);
response.sendRedirect(request.getContextPath()+"/login.jsp");
}
}
}
}
截图:
#密码正确,验证码匹配,登录成功
相关文章推荐
- 登录时第一次输入验证码显示验证码错误。出现的问题:验证码ajax验证时 后台取不到session的值
- JavaWeb学习记录(六)——用户登录功能之Session与验证码验证功能的实现
- WebClient实现下载txt文件并与用户输入进行匹配 WebClient实现用户序列号验证 txt文件在服务器端密文存储 RSA解密加密
- django 中验证码登录验证的实现
- .net登录页面实现验证码验证
- 利用Zend_Form_Element_Captcha 实现登录验证的验证码功能
- java实现登录窗口(含验证码验证、账户注册等)
- 实现任意机器间均非输入密码进行SSH登录
- Servlet结合Html实现登录验证(包括验证码验证)功能
- RHCE_LAB(2)SSH远程登录自动验证(不输入用户登录密码)的实现
- 实现任意机器间均非输入密码进行SSH登录
- struts2与cookie 实现自动登录和验证码验证实现代码
- 使用shiro的的表单过滤器重写shiro默认的认证规则来实现先验证验证码再验证登录所遇到的问题
- JavaScript实现验证码码登录验证
- Java实现控制台登录(控制台输入的数据与数据库中的数据匹配) 注册
- 如何给登录页面添加一个验证是否是机器登录的方式(验证码)
- js实现登录界面验证码生成及验证
- JavaWeb 实现验证码验证登录
- Java实现登录验证码验证
- java实现汉字验证码,包含验证输入。