public class AuthImg extends HttpServlet {
  private static final String CONTENT_TYPE = "text/html; charset=UTF-8";

  private Font mFont;

  public AuthImg() {
    mFont = new Font("Times New Roman", 0, 18);
  }

  public void init() throws ServletException {
  }

  public void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    String authCode = genAuthCode(4);
    AuthCodeCookie authCodeCookie = new AuthCodeCookie(request, response);
    authCodeCookie.addAuthCode(authCode);//保存验证码到cookies
    response.setContentType("image/jpeg");
    javax.servlet.ServletOutputStream out = response.getOutputStream();
    int width = 60;
    int height = 20;
    BufferedImage image = new BufferedImage(width, height, 1);
    Graphics gra = image.getGraphics();
    Random random = new Random();
    gra.setColor(getRandColor(200, 250));
    gra.fillRect(1, 1, width, height);
    gra.setColor(getRandColor(160, 200));
    for (int i = 0; i < 155; i++) {
      int x = random.nextInt(width);
      int y = random.nextInt(height);
      int xl = random.nextInt(12);
      int yl = random.nextInt(12);
      gra.drawLine(x, y, x + xl, y + yl);
    }

    gra.setFont(mFont);
    for (int i = 0; i < 4; i++) {
      char c = authCode.charAt(i);
      gra.setColor(new Color(20 + random.nextInt(110), 20 + random.nextInt(110), 20 + random.nextInt(110)));
      gra.drawString(String.valueOf(c), 13 * i + 6, 16);
    }

    gra.dispose();
    ImageIO.write(image, "JPEG", out);
  }

  Color getRandColor(int fc, int bc) {
    Random random = new Random();
    if (fc > 255)
      fc = 255;
    if (bc > 255)
      bc = 255;
    int r = fc + random.nextInt(bc - fc);
    int g = fc + random.nextInt(bc - fc);
    int b = fc + random.nextInt(bc - fc);
    return new Color(r, g, b);
  }

  public String genAuthCode(int length) {
    if (length < 1)
      return null;
    String strChars[] = { "1", "2", "3", "4", "5", "6", "7", "8", "9" };
    StringBuffer strPassword = new StringBuffer();
    int nRand = (int) Math.round(Math.random() * 100D);
    for (int i = 0; i < length; i++) {
      nRand = (int) Math.round(Math.random() * 100D);
      strPassword.append(strChars[nRand % (strChars.length - 1)]);
    }

    return strPassword.toString();
  }

  public void doPost(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    doGet(request, response);
  }

  public void destroy() {
  }

}

html: 

function refresh() { 

 var img = document.getElementById("checkCodeImg"); 

 now = new Date(); 

 img.src = "authimg?code="+now.getTime(); 

} 


<IMG height=18 src='authimg' id="checkCodeImg" > 

<a href="#" οnclick="javascript:refresh();">看不清,换一张</a> 


web.xml: 

<servlet> 

    <servlet-name>authimg</servlet-name> 

    <servlet-class>com.worthtech.app.servlet.AuthImg</servlet-class> 

  </servlet> 

  <servlet-mapping> 

    <servlet-name>authimg</servlet-name> 

    <url-pattern>/authimg</url-pattern> 

  </servlet-mapping>