1、存放在session中

@RequestMapping("captcha")
	public void captcha(HttpServletRequest request, HttpServletResponse response,HttpSession session) throws IOException{
    
    

        //禁止图像缓存
	    response.setHeader("Pragma", "No-cache");
		response.setHeader("Cache-Control", "no-cache");
		response.setDateHeader("Expires", 0);
        // 设置响应的类型格式为图片格式
		response.setContentType("image/jpeg");

		// 生成随机字串
		String verifyCode = VerifyCodeUtils.generateVerifyCode(4);

        // 生成图片
		int w = 135, h = 40;
		VerifyCodeUtils.outputImage(w, h, response.getOutputStream(), verifyCode);

		redisTemplate.opsForValue().set("",verifyCode.toLowerCase());
		// 将验证码存储在session以便登录时校验
		session.setAttribute(CAPTCHA_KEY, verifyCode.toLowerCase());
	}

2、存放在redis中

我们知道，redis可以设置数据的有效时间，存放在redis一方面可以减轻服务器的压力，另一方面，我们可以不用手动去清除数据

@RequestMapping("captcha_bak")
    public void redisCaptcha(HttpServletRequest request, HttpServletResponse response) throws IOException{
    
    
        //禁止图像缓存
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "no-cache");
        response.setDateHeader("Expires", 0);
        // 设置响应的类型格式为图片格式
        response.setContentType("image/jpeg");

        // 生成随机字串
        String verifyCode = VerifyCodeUtils.generateVerifyCode(4);

        // 生成图片
        int w = 135, h = 40;
        VerifyCodeUtils.outputImage(w, h, response.getOutputStream(), verifyCode);

        redisTemplate.opsForValue().set(Redis_Captcha,verifyCode.toLowerCase());
        redisTemplate.expire(Redis_Captcha,60,TimeUnit.SECONDS);
    }