CODEWITHSUNDEEP
javaspring-securitycaptcha
Pavel Rodionov
Pavel Rodionov

Reputation: 380

Integrating Captcha with Spring Security

What is appropriate way to integrate SpringSecurity with Capcha ?

I have following use case : When user will tries to login, if we he failed to login N times, captcha will be displayed, so authentication will be using three parameters : username, password, captcha. But Spring Security doesn't support built in Captcha handling.

I just start thinking about implementation. And have following variants:

As a Captcha implementation I think about JCaptcha, but what your thougths?

Upvotes: 16

Views: 24304

Answers (4)

chris
chris

Reputation: 3858

Take a look at this article: Spring Security 3: Integrating reCAPTCHA Service.

This uses two filters to make reCAPTCHA integration as seamless and unobstrusive as possible. That means your existing Spring Security implementation will not break. No need to touch existing classes

Upvotes: 4

marioosh
marioosh

Reputation: 28566

I've done integration with reCaptcha and Spring Security (Spring Web Flow + JSF) by defining custom security filter. Maybe it isn't most elegant, but works good. You can look at my blog - unfortunately in polish, but maybe will help You or someone...

http://marioosh.net/blog/?p=1087

Upvotes: 1

stevedbrown
stevedbrown

Reputation: 8934

Kaptcha is easy to use.

Upvotes: 0

myabc
myabc

Reputation: 873

As an alternative to using JCaptcha, if you'd like to use the reCAPTCHA Service on your site, then check out the free Section 4.4 (direct PDF link) of the new Spring in Practice book (currently in beta).

This shows you integration with Spring MVC and Spring Validation. Since the integration is on the front-end, w/external APIs, Spring Security doesn't really come into the picture here.

I am not sure what your use case is? Are you hoping to use captchas as an alternative to authentication to prove "human"-ness?

Upvotes: 4

Related Questions