Aim of this article:
Understanding CAPTCHA and implement CAPTCHA validation in plugin portlet
About CAPTCHA:
CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. CAPTCHA is used in computer world to determine whether a user is human or non human. CAPTCHA is used to prevent repeated data submission by program. In general CAPTCHA is represented by twisted letter or image and user will be asked to enter whats available in CAPTCHA image. Until and unless the CAPTCHA data is not entered correctly the user will be prevented do specific action.
Real time example:
Consider you have online free PDF store of ebooks and you have millions of users accross the globe. There is a chance that your server may be overloaded due to download of e books by different users. And there is another chance that some one may write program or script to download all the PDF one by one and which offcourse you dont want. In this case CAPTCHA can be used before downloading a book so that the sever does not become over loaded.Entering CAPTCHA data will take at least few seconds. A sample captcha image is shown below.
CAPTCHA and Liferay:
Liferay provides necessary API as well as tag library to implement CAPTCHA.
Implement CAPTCHA in portlet: We are going to develop one portlet which will demonstrate the basic use of Liferay API to produce captcha image as well as captcha validation.
Code Details :
init.jsp
<%@ taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet" %> <%@ taglib uri="http://liferay.com/tld/aui" prefix="aui" %> <%@ taglib uri="http://liferay.com/tld/ui" prefix="liferay-ui" %> <%@ taglib uri="http://liferay.com/tld/theme" prefix="liferay-theme" %> <portlet:defineObjects /> <liferay-theme:defineObjects />
view.jsp
<%@ include file="/view/init.jsp" %> <!-- This URL will be invoked before showing the CAPTCHA image --> <portlet:resourceURL var="captchaURL"/> <!-- This URL validate the CAPTCHA data entered by user --> <portlet:actionURL var="validateURL" name="validateCaptcha"/> <liferay-ui:error key="errorMessage" message="Enter correct data as shown in the image"/> <aui:form action="<%= validateURL %>" method="post" name="fm"> <aui:input name="mobileNumber" label="Mobile Number" value=""/> <aui:input name="email" label="Email" value=""/> <liferay-ui:captcha url="<%=captchaURL%>" /> <aui:button-row> <aui:button type="submit" /> </aui:button-row> </aui:form>
CaptchaDemo.java
package com.proliferay.demo; import java.io.IOException; import javax.portlet.ActionRequest; import javax.portlet.ActionResponse; import javax.portlet.PortletException; import javax.portlet.ProcessAction; import javax.portlet.ResourceRequest; import javax.portlet.ResourceResponse; import com.liferay.portal.kernel.captcha.CaptchaException; import com.liferay.portal.kernel.captcha.CaptchaUtil; import com.liferay.portal.kernel.servlet.SessionErrors; import com.liferay.portal.kernel.util.ParamUtil; import com.liferay.util.bridges.mvc.MVCPortlet; /** * Portlet implementation class CaptchaDemo */ public class CaptchaDemo extends MVCPortlet { @ProcessAction(name = "validateCaptcha") public void validateCaptcha(ActionRequest actionRequest, ActionResponse actionResponse) throws IOException, PortletException { /** * Not using mobileNumber and email. Its just a demo to understand CAPTCHA * validation */ String mobileNumber = ParamUtil.getString(actionRequest, "mobileNumber"); String email = ParamUtil.getString(actionRequest, "email"); System.out.println("Mobile Number :" + mobileNumber); System.out.println("Email :" + email); try { /** * This is the actual code which validate captcha data entered by user. */ CaptchaUtil.check(actionRequest); System.out.println("CAPTCHA validated successfully"); } catch (CaptchaException e) { SessionErrors.add(actionRequest, "errorMessage"); } } /** * The below code is responsible for rendering the CAPTCHA image */ @Override public void serveResource(ResourceRequest resourceRequest, ResourceResponse resourceResponse) throws IOException, PortletException { try { CaptchaUtil.serveImage(resourceRequest, resourceResponse); } catch (Exception e) { System.out.println(e.getMessage()); } } }
Read the code comment for better understanding.