Cookie中用户登录信息登录验证
2016-10-12 10:18
435 查看
public class FormServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
String form = "<form action='LoginCodeServlet' method='post'>"+
"Name:<input type='text' name='name'/><br/>"+
"Pwd:<input type='password' name='pwd'/><br/>"+
"验证码:<input type='text' name='code'/><img src='ImgServlet'></img><br/>"+
"<input type='submit' value='登录'/> </form>";
out.println(form);
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
}
---------------------------------------------------------------------------------------------------------
public class LoginCodeServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
String code = request.getParameter("code");//用户输入的code
String sCode = (String) request.getSession().getAttribute("sCode");//放在session中真实code
if(sCode==null || !sCode.equals(code)){
out.println("验证码错误!");
}else{
//验证码正确,然后再获取用户名和密码,到后台进行用户信息验证
String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
if(name!=null && !name.trim().equals("") &&
pwd!=null && !pwd.trim().equals("")){
System.out.println("到后台数据库进行信息验证:"+name+","+pwd);
out.println("登录成功:"+name+","+pwd);
}else{
out.println("验证码正确,但Name或Pwd信息未输全");
}
}
//※验证码用过一次之后,就要让它失效!!!否则容易被黑
request.getSession().removeAttribute("sCode");//清除容器中的属性
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
}
-------------------------------------------------------------------------------------------------------------------
public class ImgServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("image/jpg");
int w=60;
int h=30;
BufferedImage img = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
Graphics g = img.getGraphics();
g.setFont(new Font("a", Font.BOLD, 18));
Random r = new Random();
int a = r.nextInt(10000);
//把正确的验证码存储到session中
request.getSession().setAttribute("sCode", ""+a);
g.drawString(""+a, 0, h);
g.dispose();
ImageIO.write(img, "JPEG", response.getOutputStream());
}
}
----------------------------------------------------------------------------------------------------------------------
<a href="FormServlet">用户登录--验证码技术演示</a>
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
String form = "<form action='LoginCodeServlet' method='post'>"+
"Name:<input type='text' name='name'/><br/>"+
"Pwd:<input type='password' name='pwd'/><br/>"+
"验证码:<input type='text' name='code'/><img src='ImgServlet'></img><br/>"+
"<input type='submit' value='登录'/> </form>";
out.println(form);
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
}
---------------------------------------------------------------------------------------------------------
public class LoginCodeServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html;charset=utf-8");
PrintWriter out = response.getWriter();
out.println("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\">");
out.println("<HTML>");
out.println(" <HEAD><TITLE>A Servlet</TITLE></HEAD>");
out.println(" <BODY>");
String code = request.getParameter("code");//用户输入的code
String sCode = (String) request.getSession().getAttribute("sCode");//放在session中真实code
if(sCode==null || !sCode.equals(code)){
out.println("验证码错误!");
}else{
//验证码正确,然后再获取用户名和密码,到后台进行用户信息验证
String name = request.getParameter("name");
String pwd = request.getParameter("pwd");
if(name!=null && !name.trim().equals("") &&
pwd!=null && !pwd.trim().equals("")){
System.out.println("到后台数据库进行信息验证:"+name+","+pwd);
out.println("登录成功:"+name+","+pwd);
}else{
out.println("验证码正确,但Name或Pwd信息未输全");
}
}
//※验证码用过一次之后,就要让它失效!!!否则容易被黑
request.getSession().removeAttribute("sCode");//清除容器中的属性
out.println(" </BODY>");
out.println("</HTML>");
out.flush();
out.close();
}
}
-------------------------------------------------------------------------------------------------------------------
public class ImgServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
doPost(request, response);
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("image/jpg");
int w=60;
int h=30;
BufferedImage img = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
Graphics g = img.getGraphics();
g.setFont(new Font("a", Font.BOLD, 18));
Random r = new Random();
int a = r.nextInt(10000);
//把正确的验证码存储到session中
request.getSession().setAttribute("sCode", ""+a);
g.drawString(""+a, 0, h);
g.dispose();
ImageIO.write(img, "JPEG", response.getOutputStream());
}
}
----------------------------------------------------------------------------------------------------------------------
<a href="FormServlet">用户登录--验证码技术演示</a>
相关文章推荐
- csrf攻击过程 csrf攻击说明 1.用户C打开浏览器,访问受信任网站A,输入用户名和密码请求登录网站A; 2.在用户信息通过验证后,网站A产生Cookie信息并返回给浏览器,此时用户登录网站
- cookie丢失问题(认证失效) Authentication (用户验证信息)也会丢失
- php同时使用session和cookie来保存用户登录信息
- java-第六章-for-验证用户登录信息
- 使用HttpClient 4.3.4 自动登录并抓取中国联通用户基本信息和账单数据,GET/POST/Cookie
- Asp.net2.0身份验证技术学习入门---新用户注册,登录,显示用户信息
- JavaScript 利用Cookie记录用户登录信息
- WCF RIA 登录验证+cookie之完整登录验证加保留用户状态
- 07-通过cookie保存并读取用户登录信息(jsp内置对象)
- Java-第六章-用for和if-elseif 完整了用户登录信息验证
- php中使用cookie来保存用户登录信息的实现代码
- 使用COOKIE对像实现保存用户基本信息(结合Session),ASP.Net实现用户登录全过程
- asp.net用户身份验证时读不到用户信息的问题 您的登录尝试不成功。请重试。 Login控件
- 3.JBoss如何配置从数据库里读取登录用户的验证信息
- php使用cookie来保存用户登录信息
- 使用加密cookie代替session验证用户登录状态
- php同时使用session和cookie来保存用户登录信息
- php中如何同时使用session和cookie来保存用户登录信息
- 通过cookie保存并读取用户登录信息实例
- 利用Cookie保存用户登录信息,利用Filter来判断用户是否登录