jsp页面生成随机验证码

首先是img.jsp页面

<%@ page contentType="image/jpeg" import="java.awt.*, java.awt.image.*,java.util.*,javax.imageio.*" %> 
<%! 
Color getRandColor(int fc,int bc) 
{ 
	Random random = new Random(); 
	if(fc>255) fc=255; 
	if(bc>255) bc=255; 
	int r=fc+random.nextInt(bc-fc); 
	int g=fc+random.nextInt(bc-fc); 
	int b=fc+random.nextInt(bc-fc); 
	return new Color(r,g,b); 
} 
%> 
<% 
response.setHeader("Pragma","No-cache"); 
response.setHeader("Cache-Control","no-cache"); 
response.setDateHeader("Expires", 0); 
int width=60, height=20; 
BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB); 
Graphics g = image.getGraphics(); 
Random random = new Random(); 
g.setColor(getRandColor(200,250)); 
g.fillRect(0, 0, width, height); 
g.setFont(new Font("Times New Roman",Font.PLAIN,18)); 
g.setColor(getRandColor(160,200)); 
for (int i=0;i<155;i++) 
{ 
	int x = random.nextInt(width); 
	int y = random.nextInt(height); 
	int xl = random.nextInt(12); 
	int yl = random.nextInt(12); 
	g.drawLine(x,y,x+xl,y+yl); 
} 
String sRand=""; 
for (int i=0;i<4;i++){ 
	String rand=String.valueOf(random.nextInt(10)); 
	sRand+=rand; 
	g.setColor(new Color(20+random.nextInt(110),20+random.nextInt(110),20+random.nextInt(110))); 
	g.drawString(rand,13*i+6,16); 
} 
// 将认证码存入SESSION 
session.setAttribute("rand",sRand); 
g.dispose(); 
ImageIO.write(image, "JPEG", response.getOutputStream()); 
out.clear();
//这个必写 不写报错 
out = pageContext.pushBody(); 
%>

然后在login.jsp页面包含这个页面

<td><img id="randImage" src="img.jsp" width="60" height="20"border="1"></td>

并且载入这个js

<script language="javascript"> 
function loadimage(){ 
	document.getElementById("randImage").src = "img.jsp?"+Math.random(); 
} 
</script> 

最后在loginAction验证

//生成的验证码是放在session中的，这样比较安全
String sessionRand = (String)session.getAttribute("rand");
//这个登录用户输入的，放在form中
String rand = loginform.getRand();

比较他俩是否一样