This week's giveaway is in the EJB and other Java EE Technologies forum.
We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line!
See this thread for details.
The moose likes Spring and the fly likes captcha in login form Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "captcha in login form" Watch "captcha in login form" New topic
Author

captcha in login form

misha nesterenko
Greenhorn

Joined: Feb 05, 2011
Posts: 28
Hello

I would like to add captcha to a login form, how can I implement it?
Abhay Agarwal
Ranch Hand

Joined: Feb 29, 2008
Posts: 1000
    
    1

Although I have not implemented captcha in any login form, but , i do have some fair idea of it. So i am sharing my thoughts on it

a. captcha is any randon alphanumeric string used for authentication in login form. We can write a simple java class to generate random
aplhanumeric strings which can be shown on jsp page. I assume you know how to display a captcha string on jsp page and use it in validation in furthur processing after form submission.

b. you can use website like http://recaptcha.net/ to have autogenerated captcha

Below mentioned is the link of a pdf from "Spring in Practice" book by Manning publication.
Refer to section 4.4 Use CAPTCHAs to prevent automated user account creation where it is mentioned how to use captcha in spring login form.

http://www.manning.com/wheeler/SIP_Wheeler_MEAP_ch4.pdf

Hope all this explanation helps you

~ abhay


Oracle Java Web Service Developer (1z0-897), Oracle certified Java 7 Programmer, SCJA 1.0, SCJP 5.0, SCWCD 5.0, Oracle SQL Fundamentals I
misha nesterenko
Greenhorn

Joined: Feb 05, 2011
Posts: 28
I have already done it.
I have used reCaptcha, no problems here. Main problem was to intercept authentication process to check captcha and reject authentication whenever that is necessary. I don't know if my way is the best one, so if there is better solution I would like to hear it . I had to declare my own authentication provider sublassed from DaoAuthenticationProvider and there I overrode additionalAuthenticationChecks, that is a place where I verify captcha. Moreover I subclassed WebAuthenticationDetails to save captcha from request for subsequent verification. That was a bit difficult to tie together, as I am new to spring and had to search internet for lots of things.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: captcha in login form
 
Similar Threads
captcha image
Can Captcha be incorporated into a java-based web-site and used as a security measure?
help regarding captch
Tech Word Game
Having issues using ajax to reload captcha