How to configure JCaptcha with your Spring App
Update: 03/17/2009: This code example uses JCaptcha 1.0-RC6 . The latest version released on 02/04/2009 is JCaptcha 1.0. If you use JCaptcha 1.0 then you might have to make some changes to the code given in this example.
This is how I setup JCaptcha in my application. Following code snippet is for the test page I have created to test the JCaptcha and Spring integration
1) First create a controller which will generate a new Captcha for each session based on session id
package com.example.web.controller;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.util.Map;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.validation.BindException;
import org.springframework.web.servlet.ModelAndView;
import com.octo.captcha.service.CaptchaServiceException;
import com.octo.captcha.service.image.ImageCaptchaService;
import com.sun.image.codec.jpeg.JPEGCodec;
import com.sun.image.codec.jpeg.JPEGImageEncoder;
import com.example.domain.LoginCommand;
import com.example.logger.LoginLogger;
public class CaptchaController extends LoginBaseController {
public CaptchaController(){
setCommandClass(LoginCommand.class);
}
@Override
protected ModelAndView showForm(HttpServletRequest request, HttpServletResponse response, BindException errors,
Map controlModel) throws Exception {
byte[] captchaChallengeAsJpeg = null;
// the output stream to render the captcha image as jpeg into
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
try {
// get the session id that will identify the generated captcha.
//the same id must be used to validate the response, the session id is a good candidate!
String captchaId = request.getSession().getId();
LoginLogger.debug(this, "Captcha ID which gave the image::" + captchaId);
// call the ImageCaptchaService getChallenge method
BufferedImage challenge = ((ImageCaptchaService)getCaptchaService()).getImageChallengeForID(captchaId, request.getLocale());
// a jpeg encoder
JPEGImageEncoder jpegEncoder =
JPEGCodec.createJPEGEncoder(jpegOutputStream);
jpegEncoder.encode(challenge);
} catch (IllegalArgumentException e) {
response.sendError(HttpServletResponse.SC_NOT_FOUND);
return null;
} catch (CaptchaServiceException e) {
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
return null;
}
captchaChallengeAsJpeg = jpegOutputStream.toByteArray();
// flush it in the response
response.setHeader("Cache-Control", "no-store");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
//response.setContentType("image/jpeg");
// response.getOutputStream().write(jpegOutputStream);
ServletOutputStream responseOutputStream =
response.getOutputStream();
responseOutputStream.write(captchaChallengeAsJpeg);
responseOutputStream.flush();
responseOutputStream.close();
return null;
}
}
Please note that your implementation can vary. The only thing you want is a simple Servlet which will execute the code in showForm method above. In my case I am relying on Spring framework to execute this code because in the JSP where you show Captcha image I have written something like this
<img id=”captchaImage” src=”http://localhost:8080/LoginApplication/captcha.htm”>. In my application the URL captcha.htm is wired to this controller. But you can choose to have a simple servlet mapped instead of a Spring Controller.
2) Make the following entries in your Spring config files to configure JCaptcha
<!-- Captcha Related Mappings -->
<bean id="captchaController"
class="com.example.web.controller.CaptchaController">
<property name="captchaService" ref="captchaService" />
</bean>
<bean id="imageEngine" class="com.octo.captcha.engine.GenericCaptchaEngine">
<constructor-arg index="0">
<list>
<ref bean="CaptchaFactory"/>
</list>
</constructor-arg>
</bean>
<bean id="CaptchaFactory" class="com.octo.captcha.image.gimpy.GimpyFactory" >
<constructor-arg><ref bean="wordgen"/></constructor-arg>
<constructor-arg><ref bean="wordtoimage"/></constructor-arg>
</bean>
<bean id="wordgen" class= "com.octo.captcha.component.word.wordgenerator.DictionaryWordGenerator" >
<constructor-arg><ref bean="filedict"/></constructor-arg>
</bean>
<bean id="filedict" class="com.octo.captcha.component.word.FileDictionary" >
<constructor-arg index="0"><value>toddlist</value></constructor-arg>
</bean>
<bean id="wordtoimage" class="com.octo.captcha.component.image.wordtoimage.ComposedWordToImage" >
<constructor-arg index="0"><ref bean="fontGenRandom"/></constructor-arg>
<constructor-arg index="1"><ref bean="backGenUni"/></constructor-arg>
<constructor-arg index="2"><ref bean="simpleWhitePaster"/></constructor-arg>
</bean>
<bean id="fontGenRandom" class="com.octo.captcha.component.image.fontgenerator.RandomFontGenerator" >
<constructor-arg index="0"><value>40</value></constructor-arg>
<constructor-arg index="1"><value>50</value></constructor-arg>
<constructor-arg index="2">
<list>
<ref bean="fontArial"/>
</list>
</constructor-arg>
</bean>
<bean id="fontArial" class="java.awt.Font" >
<constructor-arg index="0"><value>Arial</value></constructor-arg>
<constructor-arg index="1"><value>0</value></constructor-arg>
<constructor-arg index="2"><value>10</value></constructor-arg>
</bean>
<bean id="backGenUni" class="com.octo.captcha.component.image.backgroundgenerator.UniColorBackgroundGenerator" >
<constructor-arg index="0"><value>300</value></constructor-arg>
<constructor-arg index="1"><value>100</value></constructor-arg>
</bean>
<bean id="simpleWhitePaster" class="com.octo.captcha.component.image.textpaster.SimpleTextPaster" >
<constructor-arg type="java.lang.Integer" index="0">
<value>3</value>
</constructor-arg>
<constructor-arg type="java.lang.Integer" index="1">
<value>5</value>
</constructor-arg>
<constructor-arg type="java.awt.Color" index="2">
<ref bean="colorBlack"/>
</constructor-arg>
</bean>
<bean id="colorGreen" class="java.awt.Color" >
<constructor-arg index="0"><value>0</value></constructor-arg>
<constructor-arg index="1"><value>255</value></constructor-arg>
<constructor-arg index="2"><value>0</value></constructor-arg>
</bean>
<bean id="colorBlack" class="java.awt.Color" >
<constructor-arg index="0"><value>0</value></constructor-arg>
<constructor-arg index="1"><value>0</value></constructor-arg>
<constructor-arg index="2"><value>0</value></constructor-arg>
</bean>
<bean id="captchaService" class="com.octo.captcha.service.multitype.GenericManageableCaptchaService">
<constructor-arg index="0"><ref bean="imageEngine"/></constructor-arg>
<constructor-arg index="1"><value>180</value></constructor-arg>
<constructor-arg index="2"><value>180000</value></constructor-arg>
</bean>
For test purpose I have used a Simple Text Captcha.
3) To test create a command,controller and JSP like this
public class LoginCommand implements Serializable {
private String verificationTextForForgotPass;
//getter and setter methods
}
package com.example.web.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.validation.BindException;
import org.springframework.web.servlet.ModelAndView;
import com.octo.captcha.service.CaptchaServiceException;
import com.example.domain.LoginCommand;
public class CaptchaDemoController extends LoginBaseController {
private CaptchaService captchaService;
//Getter and setter for captchaService
public CaptchaDemoController() {
setCommandClass(LoginCommand.class);
}
@Override
protected Object formBackingObject(HttpServletRequest request) throws Exception {
LoginCommand command = new LoginCommand();
return command;
}
@Override
protected ModelAndView processFormSubmission(HttpServletRequest request, HttpServletResponse response,
Object command, BindException errors) throws Exception {
boolean isResponseCorrect = false;
String sessionId = request.getSession().getId();
//retrieve the response
String verificationText = ((LoginCommand) command).getVerificationTextForForgotPass();
// Call the Service method
try {
isResponseCorrect = getCaptchaService().validateResponseForID(sessionId, verificationText);
}
catch (CaptchaServiceException e) {
//should not happen, may be thrown if the id is not valid
}
//You can do whatever you want to based on the response
response.getWriter().write(String.valueOf(isResponseCorrect));
return null;
}
}
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %> <head> <title>Captcha Demo</title> </head> <form:form action="captchaDemo.htm"> <img id="captchaImage" src="http://localhost:8080/LoginApplication/captcha.htm"> Enter the text here <form:input id="verificationTextForgPassDiv" path="verificationTextForForgotPass" cssErrorClass="errorField"/> <input type="submit" name="Submit" value="Submit"/> </form:form>
As you can see the JSP will just show one Captcha Image and a text box where you can enter the Image text. The controller will verify the entered text and display true or false based on the result. You can implement your logic here for the Captcha verification result.
4) Finally make the following entries in your corresponding spring config file
<beans>
<bean class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping">
<property name="mappings">
<props>
<prop key="/captchaDemo.htm">captchaDemoController</prop>
<prop key="/captcha.htm">captchaController</prop>
</props>
</property>
</bean>
</beans>
<bean id="captchaDemoView" parent="baseView"> <property name="url" value="/WEB-INF/jsp/captchaDemo.jsp"/> </bean>
<bean id="captchaDemoController" class="com.example.web.controller.CaptchaDemoController">
<property name="formView" value="captchaDemoView"/>
<property name="successView" value="captchaDemoView"></property>
<property name="captchaService" ref="captchaService" />
</bean>
Oops I forgot to mention, you should have JCaptcha jars in your classpath for this example to work 
I have written this post using the working code I have. I might have missed some configuration in this post. Let me know if you get any error. I will update the post.
4 Comments »
Leave a Reply
About Me
Hello. Thanks for visiting my blog. I am Paras Jain. I am a Riveter – team member of Rivet Logic Corporation in Reston, Virginia, USA. I am working as Senior Software Engineer. Currently most of my work involves implementing solutions involving Liferay and Alfresco. I have experience in Grails, Spring, Struts, Hibernate, JSF, JBoss Seam and many others. I am also technical owner of few websites developed in WordPress, Drupal and Prestashop. I am a Sun Certified Java Professional. You can reach me at my email id http://scr.im/parasjain01 or http://scr.im/parasjain
Good Work! It is UseFul
Hi Paras,
Your tutorial is great, I could make with it Captcha in Spring inspite of that I am new in that area!
But I have an error.
At me happens, what shouldn’t happen
: The Catcha servlet
get an other sessionId as my “main” servlet, and so the response is not correct.
I think I haven’t configured something and that’s why don’t work it.
Could you help me, what’s my error?
Thank you in anticipation
Alice
I attach the relevant sources form my project and a logfile.
http://www.mediafire.com/download.php?mcj0otyilod
http://www.mediafire.com/download.php?zeiix2efqzw
Hello Paras, Hello Everebody,
Thank you very much for your incredibly rush and effective help. It was very kind of you!
Paras responses me per mail in a half an hour and hereby I could idenetify my problem.
The symptom is the following:
The sessionId problem is occurs just if I use stand alone Tomcat (Vers 6.0)!!
If I run my project under Eclipse plugged Tomcat the two session (and the ID) is identical, and the response controll is Ok.
I suppuse that is a configuration problem in my project but I don’t know what.
If you , or somebody else has a suggestion it would be nice!
Thank you in anticipation
Alice
Hi,
Can anyone share the in-context LoginBaseController.java file.
Thanks !!!