I am the author of SimpleCaptcha. While I would recommend -- for humanity's sake -- using ReCaptcha where you can, I provided SimpleCaptcha because some organizations have policies which prohibit libraries like ReCaptcha. SimpleCaptcha is meant to be entirely stand-alone, with no external dependencies: as long as you are in a J2EE container, you should be good.
Also, SimpleCaptcha is now available for either Java 1.5 or Java 6.
ReCaptcha is the only captcha you should use, because it's the only captcha that makes the world better (improve OCR results to old text), with almost unlimited database.
All other captchas are usually limited by its database, or do nothing good to this world.
EDIT :: I found steps how to implement captcha using recaptcha.
What happens when ReCaptcha is down/unavailable? Does your service simply stop? Do you simply stop signing people up when it's down? Do you allow users to sign up even if ReCaptcha isn't running? If so, what are the security implications of this? Especially if you use CAPTCHA for more than just signup, e.g. reset password forms, login forms, ... which would not be acceptable to use without the CAPTCHA component.
The Java world of CAPTCHAs is in a sad state, with SimpleCaptcha seemingly the best solution for those of us out there that cannot accept a hosted service.
I created http://kaptcha.googlecode.com before recaptcha became as popular as it is today. It also offers you the ability to host it yourself, which may be necessary in some situations.
Kaptcha is a heavily modified and updated version of SimpleCaptcha and supports JDK5/6.
SimpleCaptcha is really nice and easy to use.
Here's an example how to use SimpleCaptcha with JSF 2.0 (the homepage has an example for JSP)
Note that I'm not even bothering to store the captcha value in the bean, I'm only validating it.
The bean:
// imports missing here
@ManagedBean
@SessionScoped
public class LoginBean implements Serializable
{
public void validateCaptcha(FacesContext context,
UIComponent componentToValidate,
Object value)
throws ValidatorException
{
HttpSession session = (HttpSession) context.getExternalContext().getSession(false);
Captcha secretcaptcha = (Captcha) session.getAttribute(Captcha.NAME);
if (secretcaptcha.isCorrect(value.toString()))
return;
// optional: clear field
((HtmlInputText) componentToValidate).setSubmittedValue("");
throw new ValidatorException(new FacesMessage("Captcha does not match"));
}
}
The relevant segment of the facelet:
<h:form id="CaptchaForm">
Type this: <br/>
<h:graphicImage id="CaptchaImgID" value="/simpleCaptcha.png"/> <br/>
<h:inputText id="CaptchaID"
required="true"
requiredMessage="Captcha missing"
validator="#{loginBean.validateCaptcha}"
validatorMessage="Captcha does not match"
immediate="true">
</h:inputText>
<br/>
<h:commandButton value="Check"/>
<p/>
<!-- message for the input field -->
<h:message id="CaptchaMsgID" for="CaptchaID" style="color:red" />
</h:form>
The relevant segment of the web.xml:
<servlet>
<servlet-name>SimpleCaptcha</servlet-name>
<servlet-class>nl.captcha.servlet.SimpleCaptchaServlet</servlet-class>
<init-param>
<param-name>captcha-width</param-name>
<param-value>250</param-value>
</init-param>
<init-param>
<param-name>captcha-height</param-name>
<param-value>75</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>SimpleCaptcha</servlet-name>
<url-pattern>/simpleCaptcha.png</url-pattern>
</servlet-mapping>
Enjoy :-)
Kaptcha is a nice alternative to Recaptcha if you are looking to host your own captcha service instead of relying on a third party captcha service (like recaptcha).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With