Mzelle Biscotte
Photo credit: Mzelle Biscotte
del.icio.us Digg DZone Reddit StumbleUpon
1 | 2 | Next »
Software Development

How to reCAPTCHA Your Java Application

by Willie Wheeler
Thursday, March 13, 2008
reCAPTCHA is a novel CAPTCHA service that helps digitize books. Learn how to add reCAPTCHA to your Java app.

ReCAPTCHA is a novel CAPTCHA system developed by the School of Computer Science at my alma mater, Carnegie Mellon University. I won't explain its coolness here since they do a good job of explaining that coolness themselves. What I will do here, though, is explain how to get your Java app reCAPTCHAed very quickly. Note however that reCAPTCHA is not tied specifically to Java.

In this tutorial I'm using Spring 2.5 MVC with annotations, and Commons Validator, but you'll be able to follow this whether or not you're using Spring and Validator.

These instructions are based on the instructions from the reCAPTCHA site, but I'm focusing specifically on Java integration whereas the site makes you dig around a bit to get the information. Not too bad, but enough that there's value in my writing a Java-specific tutorial. :-)

Step 1. Get your account and key pair

First, go to the reCAPTCHA web site and create an account. As part of that account creation process you'll have to specify the domain your reCAPTCHA will be protecting. The reCAPTCHA site will will give you a key pair for that domain. The key pair allows you to authenticate your reCAPTCHA requests to the reCAPTCHA servers, as we'll see.

Step 2. Put the reCAPTCHA JavaScript in your app's form

Here's the JavaScript you need to put in your form, meaning in between the <form> and </form> tags. Put it wherever you would have normally put a CAPTCHA text box. This JavaScript will generate the reCAPTCHA box when users request the page:

<script type="text/javascript"
    src="http://api.recaptcha.net/challenge?k=<your_public_key>">
</script>
<noscript>
    <iframe src="http://api.recaptcha.net/noscript?k=<your_public_key>"
        height="300" width="500" frameborder="0"></iframe><br>
    <textarea name="recaptcha_challenge_field" rows="3" cols="40">
    </textarea>
    <input type="hidden" name="recaptcha_response_field" 
        value="manual_challenge">
</noscript>

It probably goes without saying, but I'll say it anyway: you need to replace the two instances of <your_public_key> with the public key that you received during the account creation process. Be careful that you don't use your private key by mistake. If you do that then everybody will be able to see your private key and act like they're you.

Step 3. Run your app and make sure the reCAPTCHA is showing up

You should see it there in your form. It's OK if you are coming from localhost or 127.0.0.1 instead of the domain that you specified in the account creation step; reCAPTCHA will allow that. You should be able to click the buttons on the reCAPTCHA box and they should work.

After you goof around with that a bit, you'll need to update your app itself so that it actually uses the reCAPTCHA box to validate the form submission.

Let's turn now to the Java piece, where we validate the form and reCAPTCHA.

Social bookmarks: del.icio.us Digg DZone Reddit StumbleUpon
1 | 2 | Next »
Show comments (39)

Post a comment

Your name:
Your e-mail address (won't be displayed):
Your web site (optional):
example: www.xyz.com
Your comment:
Please help us prevent comment spam:

What's New?

2008-10-20 - I've added a new mailing list feature to the site. Sign up to receive e-mail updates about new articles.
2008-09-30 - We've released chapter 4 (User registration) and chapter 5 (Authentication) of Spring in Practice.
2008-09-11 - By popular demand, I've added an RSS feed to the site.
Home | Consulting | Tech Articles | Mailing List | About | Contact | Spring Blog
Copyright © 2008 Wheeler Software, LLC.