登陆页面与验证码生成页面的session不一致

dadawolf2006 2008-04-02 12:53:21
问题是这样的,本机访问时没有问题,登陆页面与验证码生成页面的session是一致的,但通过其他计算机访问本机时登陆页面与验证码生成页面的session却不一致了,造成验证码生成页面中保存到session.setAttribute(属性名,属性值) 的属性无法在验证登陆页面参数时获得。
请问:这是什么问题呢?请不吝赐教!

各页面的代码如下:

****** logon.jsp 登陆页面 ******
<%@ page language="java" contentType="text/html; charset=gb2312" pageEncoding="gb2312"%>
<%
String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<base href="<%=basePath%>">

<title>×××登陆页面×××</title>

<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="0">
<meta http-equiv="keywords" content="keyword1,keyword2,keyword3">
<meta http-equiv="description" content="This is my page">

<link rel="stylesheet" type="text/css" href="css/logon.css">


</head>
<script language="javascript">
function refImage(){
document.all.image1.src="/warehouse/image.jsp";
}
</script>
<body>
<div id="logon_div" class="logon_div_c">
<form name="logonForm" method="post" action="/warehouse/Logon" >
<fieldset>
<legend>请先登陆</legend>
<table>
<c:if test="${!empty sessionScope.user}">
<tr><td><c:out value="${sessionScope.user}"/>: 您已经成功登陆</td></tr>
<tr><td><a href="/warehouse/validated/index">返回</a></td></tr>
</c:if>
<c:if test="${empty sessionScope.user}">
<tr><td>用户名:</td><td><input id="logon" class="logon_c" type="text" name="logon_name"/></td></tr>
<tr><td> </td><td><c:if test="${not empty requestScope.logon_name_err}"><font color="red">请输入用户名</font></c:if></td></tr>
<tr><td>密 码:</td><td><input id="psd" class="psd_c" type="password" name="password" /></td></tr>
<tr><td> </td><td><c:if test="${not empty requestScope.password_err}"><font color="red">请输入密码</font></c:if> </td></tr>
<tr><td>附加码:</td><td><input id="code_id" class="code_c" type="text" name="code" /></td></tr>
<tr><td><c:if test="${not empty requestScope.code_err}"><font color="red">请输入附加码</font></c:if> </td><td><img id="image1" src="/warehouse/image.jsp">
<input type="button" value="刷新图片" onclick="refImage();"/></td></tr>
<tr><td> </td><td><input type="submit" value="登 陆" />   <input type="reset" value="清 除" /></td></tr>
</c:if>
</table>
</fieldset>
</form>
<div>
<%System.out.println(request.getSession().getId()+" is sessionID"); %>
</body>
</html>


****** image.jsp 验证码生成页面******
<%@ page language="java"
import="java.awt.*,java.awt.image.*,java.util.*,javax.imageio.*"
contentType="image/jpeg" pageEncoding="gb2312"%>
<%@ page import="java.lang.Exception,javax.servlet.ServletOutputStream" %>


<%!
Color getRandColor(int fc,int bc){
//获得随机色
Random random = new Random();
if(fc>255) fc=255;
if(bc>255) bc=255;
int r=fc+random.nextInt(bc-fc);
int g=fc+random.nextInt(bc-fc);
int b=fc+random.nextInt(bc-fc);
return new Color(r,g,b);}
%>

<%
//设置页面不缓存
response.setHeader("Pragma","No-cache");
response.setHeader("Cache-Control","no-cache");
response.setDateHeader("Expires", 0);
System.out.println("session id in image.jsp"+request.getSession().getId());
//在内存中创建图像
int width=60,height=20;
BufferedImage image=new BufferedImage(width,height,BufferedImage.TYPE_INT_RGB);

//获取图形上下文
Graphics g=image.getGraphics();

//设置背景色
g.setColor(getRandColor(100,250));
g.fillRect(0,0,width,height);

//设定字体和画笔颜色
g.setFont(new Font("Times New Roman",Font.PLAIN,18));
g.setColor(new Color(255,255,255));

//获取随机验证码4位
Random random=new Random();
String validate_code="";
for (int i=0;i<4;i++){
validate_code+=String.valueOf(random.nextInt(10));

}

//画出验证码
g.drawString(validate_code,12,16);

//将验证码加入session
session.setAttribute("code",validate_code);

//图像生效,并释放资源
g.dispose();

//输出验证码图片
try{
ServletOutputStream sos=response.getOutputStream();
ImageIO.write(image,"JPEG",sos);
sos.flush();
sos.close();
sos=null;
response.flushBuffer();
out.clear();
out = pageContext.pushBody();
System.out.println("sessionID in image.jsp is "+session.getId());
}catch (Exception e){
System.err.println("\n error is "+e.toString()+"\n");
}
%>


****** logon.java 登陆参数验证servlet ******

public class Logon extends HttpServlet {

public static int num=0;

private static final long serialVersionUID = 1L;
public Context ctx=null;
public DataSource ds=null;
public Connection conn=null;

/**
* Constructor of the object.
*/
public Logon() {
super();
}


public void destroy() {
super.destroy(); // Just puts "destroy" string in log
// Put your code here
}


public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {

HttpSession session=request.getSession();
System.out.println("session id in logon "+session.getId());
if(request.getParameter("logon_name")==null||request.getParameter("logon_name").trim().equals(""))
request.setAttribute("logon_name_err", new String("1"));
if(request.getParameter("password")==null||request.getParameter("password").trim().equals(""))
request.setAttribute("password_err", new String("1"));
if(request.getParameter("code")==null||!(request.getParameter("code").equals((String)session.getAttribute("code"))))
request.setAttribute("code_err", new String("1"));
System.out.println("sessionID is "+session.getId());


if (request.getAttribute("logon_name_err") == null
&& request.getAttribute("password_err") == null
&& request.getAttribute("code_err") == null) {
User user = new User();
user.setLogon_name(request.getParameter("logon_name"));
user.setPassword(request.getParameter("password"));

try {
if (ds != null)
conn = ds.getConnection();

if (conn != null) {


System.out.println("logon_name:"+user.getLogon_name());
System.out.println("password:"+user.getPassword());
if (validate(conn,user,request)) {
session.setAttribute("user", request
.getParameter("logon_name"));
System.out.println("in /Logon 1");
request.getRequestDispatcher("/").forward(request, response);
}else{
System.out.println("in /Logon 2");
request.getRequestDispatcher("/Logon.jsp").forward(request, response);
}
}
} catch (SQLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

}else{


request.getRequestDispatcher("/Logon.jsp").forward(request, response);
}
//num++;
//System.out.println("in logon"+num);


}

private boolean validate(Connection conn2, User user,HttpServletRequest request) {
boolean trueORfalse=false;
User user2=null;
Impl_DAO dao = new Impl_DAO();
if((user2=dao.find_User(conn, user))!= null){
if(user.getPassword().equals(user2.getPassword())){
trueORfalse=true;
}else{
request.setAttribute("password_err", new String("1"));
}
}else{
request.setAttribute("logon_name_err", new String("1"));
}

return trueORfalse;
}


public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {

doGet(request,response);
}


public void init() throws ServletException {
try {
ctx=new InitialContext();
ds=(DataSource)ctx.lookup("java:comp/env/jdbc/mysql");
} catch (NamingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

}

}

...全文
789 1 打赏 收藏 转发到动态 举报
写回复
用AI写文章
1 条回复
切换为时间正序
请发表友善的回复…
发表回复
老紫竹 2008-04-02
  • 打赏
  • 举报
回复
重复问题。请看另一个问题的回复。

81,090

社区成员

发帖
与我相关
我的任务
社区描述
Java Web 开发
社区管理员
  • Web 开发社区
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧