Tools and Technologies used in this article :

  1. reCAPTCHA

  2. Spring Framework 3.2

  3. Spring Tool Suite 3.2

  4. JDK 1.6

  5. Tomcat 7

Note : Spring 3 requires at least JDK 5. So, make sure you have JDK 5 or above.

 

1. Sign up for reCAPTCHA API keys

Use your existing google account or open a new one to sign up for reCAPTCHA API keys for your site. Provide domain name (say www.yoursite.com) and click 'Create Key' button.

Create a reCAPTCHA key

Once signed up, two keys (Public key and Private key) will be provided for your domain.

reCAPTCHA Public and Private key
Note : By default, all reCAPTCHA keys work for 'localhost' / '127.0.0.1' in local development or test environment. As the name itself suggests, be sure to keep Private key as secret.

Integration of reCAPTCHA into a form, mainly consists of following two steps

  1. Client side code to display reCAPTCHA widget.

  2. Server side code to verify user's answer by connecting to reCAPTCHA server.

 

2. Add reCAPTCHA Maven dependency

Add reCAPTCHA Maven dependency along with servlet-api in pom.xml.

File : pom.xml

 

3. Client side code to display reCAPTCHA widget

We'll encapsulate all the codes to generate reCAPTCHA widget in a tagfile (say captcha.tag) so that it can be reused in other forms as well in the application.

File : WEB-INF/tags/captcha.tag
Note : Do not forget to replace "[your reCaptcha public key]" and "[your reCaptcha private key]" with your actual public and private API key. createRecaptchaHtml(String errorMessage, Properties options) creates HTML code with embedded recaptcha.

Now use this tagfile (e.g. <sc:captcha>) in your form to display reCAPTCHA widget.

File : WEB-INF/pages/captcha.jsp

 

4. Add reCAPTCHA bean

Add bean definition of reCAPTCHA implementation in spring configuration xml. Using annotation @Autowire, this bean is injected into controller.

File : WEB-INF/dispatcher-servlet.xml
Note : Do not forget to replace "[your reCaptcha private key]" with your actual API private key.

 

5. Server side code to verify user's entry

Now we'll write one controller class (say ReCaptchaHelloWorldController) with a handler method to verify reCAPTCHA words entered by the user.

File : com/srccodes/spring/controller/ReCaptchaHelloWorldController.java

User will be redirected to either initial page (captcha.jsp) having reCAPTCHA widget or success page (success.jsp) based on the ReCaptchaResponse received from the reCAPTCHA sever.

File : WEB-INF/pages/success.jsp

 

6. Overall Project Structure

Overall Project Structure

 

7. Demo

Start the server and deploy the web application. Open the url http://<IP>:<PORT>/ReCaptchaHelloWorld.

reCAPTCHA widget

If you enter wrong words and submit the form, then you will be redirected to the same page with an error message "Try again and prove it".

reCAPTCHA challenge failed

For correct reCAPTCHA entry, you will be redirected to the success page.

reCAPTCHA challenge passed

 

8. Live Demo

To experience the live demo, please browse JavaScript Extractor Tool.

 

Download SrcCodes

spring-mvc-recaptcha-hello: GitHub or zip

 

References