[原创于:http://happydev.iteye.com]
在一般的WEB应用注册或登录过程中,都会需要用户输入一个图像生成的登录或注册检验码来加强系统的安全。
本文将就如何在Seam框架下实现这个功能做一个简单说明。
一、思路
在Session中保持一个随机生成的检验码,在登录页面上用图像方式显示这个检验码,然后在登录校验时验证用户输入的校验码是否和Session中保存的一致。
二、实现
登录校验码产生及图像生成类
/**
* 登录校验码生成类
* @author Administrator
*
*/
@Name("verifyCode")
@Scope(value = ScopeType.SESSION)
@AutoCreate
public class VerifyCode {
private String verifyCode;
private String verifyCodeInSession = "";
public void paintVerifyCode(OutputStream out, Object data) throws IOException {
if (data instanceof ImageData) {
ImageData imageData = (ImageData) data;
// 生成一个在1000-9999之间的随机数
Random randomNumber = new Random();
verifyCodeInSession = randomNumber.nextInt(8999) + 1000 + "";
// 把产生的随机数保存到session中
// 生成干扰线的随机数
int outPutLine = 0;
outPutLine = randomNumber.nextInt(100);
BufferedImage img = new BufferedImage(imageData.getWidth(), imageData.getHeight(), BufferedImage.TYPE_INT_RGB);
Graphics2D g = img.createGraphics();
g.setBackground(imageData.getBackground());
g.setColor(imageData.getDrawColor());
g.setFont(imageData.getTextFont());
// 画矩形
g.clearRect(0, 0, imageData.getWidth(), imageData.getHeight());
// 画干扰线
g.drawLine(outPutLine, outPutLine, imageData.getWidth() - outPutLine, imageData.getHeight() - outPutLine);
// 画产生的随机数
g.drawString(verifyCodeInSession, 10, 16);
g.dispose();
ImageIO.write(img, "jpeg", out);
}
}
public String getVerifyCode() {
return verifyCode;
}
public void setVerifyCode(String verifyCode) {
this.verifyCode = verifyCode;
}
public String getVerifyCodeInSession() {
return verifyCodeInSession;
}
}
相关的ImageData值对象类:(注:mageData.java就一个值对象而已,并不是必要的,就只是定义了这个图片的相关格式,如果在实际应用中不需要变动,完全也可以在绘制图片的代码中写死。)
/**
* 图片数据对象,用于产生校验码图片
* @author Administrator
*
*/
@Name("imageData")
public class ImageData implements java.io.Serializable {
private static final long serialVersionUID = 4745477530606456533L;
private int width = 60;
private int height = 20;
private Color background = new Color(0xDCDCDC);
private Color drawColor = Color.black;
private Font textFont = new Font("Times New Roman", Font.PLAIN, 18);
public int getWidth() {
return width;
}
public void setWidth(int width) {
this.width = width;
}
public int getHeight() {
return height;
}
public void setHeight(int height) {
this.height = height;
}
public Color getBackground() {
return background;
}
public void setBackground(Color background) {
this.background = background;
}
public Color getDrawColor() {
return drawColor;
}
public void setDrawColor(Color drawColor) {
this.drawColor = drawColor;
}
public Font getTextFont() {
return textFont;
}
public void setTextFont(Font textFont) {
this.textFont = textFont;
}
}
验证代码:
@Name("authenticator")
public class Authenticator
{
@In Identity identity;
@In VerifyCode verifyCode;
@In FacesMessages facesMessages;
public boolean authenticate()
{
if (!verifyCode.getVerifyCode().equals(verifyCode.getVerifyCodeInSession())){
facesMessages.add("验证码不正确");
return false;
}
......
}
}
页面代码:
<tr> <td>验证码</td> <td><h:inputText styleClass="logininput" value="#{verifyCode.verifyCode}"/></td> <td> <a4j:mediaOutput element="img" cacheable="false" session="false" createContent="#{verifyCode.paintVerifyCode}" value="#{imageData}" mimeType="image/jpeg" border="0"/> </td> </tr>