Difference between revisions of "Captchas in Java"

From OWASP
Jump to: navigation, search
(Created page with '=== Overview === Captcha stands for "'''C'''ompletely '''A'''utomated '''P'''ublic '''T'''uring test to tell '''C'''omputers and '''H'''umans '''A'''part". A [http://en.wikipedia…')
 
Line 1: Line 1:
 
=== Overview ===
 
=== Overview ===
Captcha stands for "'''C'''ompletely '''A'''utomated '''P'''ublic '''T'''uring test to tell '''C'''omputers and '''H'''umans '''A'''part". A [http://en.wikipedia.org/wiki/Captcha captcha] typically takes the form of an image containing distorted letters and/or numbers and is often used on web sites where it is important to determine whether the user is a real person or a computer program.  Captcha's have some drawbacks such as accessibility for the visually impaired, high CPU requirements, and possible circumvention techniques.  In many cases, however, Captcha's can help mitigate certain types of attacks launched by malicious individuals using automated tools.  At a minimum they can raise the bar enough to deter a casual attacker.
+
CAPTCHA stands for "'''C'''ompletely '''A'''utomated '''P'''ublic '''T'''uring test to tell '''C'''omputers and '''H'''umans '''A'''part". A [http://en.wikipedia.org/wiki/Captcha CAPTCHA] typically takes the form of an image containing distorted letters and/or numbers and is often used on web sites where it is important to determine whether the user is a real person or a computer program.  CAPTCHA's have some drawbacks such as the lack of accessibility for the visually impaired, high CPU usage, and possible circumvention techniques.  In many cases, however, CAPTCHA's can help mitigate certain types of attacks launched by malicious individuals using automated tools.  At a minimum they can raise the bar enough to deter a casual attacker.
  
 
==== JCaptcha ====
 
==== JCaptcha ====
''[http://forge.octo.com/jcaptcha/confluence/display/general/Home JCaptcha]'' is a Java implementation of captcha technology developed by Marc Antoine Garrigue and released as open source. JCaptcha provides Java programmers with a framework and toolset for deploying captcha's in their web applications.  You can download the full package that includes JARs, API documentation, and source code from [http://sourceforge.net/projects/jcaptcha SourceForge]. The latest release of JCaptcha (1.0) is available under the GNU General Public License, but later releases will be under the LGPL license.
+
''[http://forge.octo.com/jcaptcha/confluence/display/general/Home JCaptcha]'' is a Java implementation of captcha technology developed by Marc Antoine Garrigue and released as open source. JCaptcha provides Java programmers with a framework and toolset for deploying CAPTCHA's in their web applications.  You can download the full package that includes JARs, API documentation, and source code from [http://sourceforge.net/projects/jcaptcha SourceForge]. The latest release of JCaptcha (1.0) is available under the GNU General Public License, but later releases will be under the LGPL license.
  
 
===== Examples =====
 
===== Examples =====
 
* A Simple Captcha Servlet: [[JCaptcha servlet example|how it works]] | [http://owasp-java.googlecode.com/svn/trunk/JCaptcha/captcha-demos.war download the war]
 
* A Simple Captcha Servlet: [[JCaptcha servlet example|how it works]] | [http://owasp-java.googlecode.com/svn/trunk/JCaptcha/captcha-demos.war download the war]
  
 +
==== SimpleCaptcha ====
 +
''[http://simplecaptcha.sourceforge.net/ SimpleCaptcha]'' is another framework that provides Java programmers with the ability to easily add a CAPTCHA to their web applications.  A number of default CAPTCHA servlets are provided, including a Chinese version.  The visual representation of the CAPTCHA text can be altered using a number of filtering methods, but SimpleCaptcha does not provide an audio CAPTCHA, which limits its accessibility for the visually impaired.
 +
 +
===== Examples =====
 +
* SimpleCaptcha Example: [https://sourceforge.net/project/platformdownload.php?group_id=147810&sel_platform=13579 J2EE Sample]
  
 
[[Category:OWASP Java Project]]
 
[[Category:OWASP Java Project]]

Revision as of 19:28, 3 September 2009

Contents

Overview

CAPTCHA stands for "Completely Automated Public Turing test to tell Computers and Humans Apart". A CAPTCHA typically takes the form of an image containing distorted letters and/or numbers and is often used on web sites where it is important to determine whether the user is a real person or a computer program. CAPTCHA's have some drawbacks such as the lack of accessibility for the visually impaired, high CPU usage, and possible circumvention techniques. In many cases, however, CAPTCHA's can help mitigate certain types of attacks launched by malicious individuals using automated tools. At a minimum they can raise the bar enough to deter a casual attacker.

JCaptcha

JCaptcha is a Java implementation of captcha technology developed by Marc Antoine Garrigue and released as open source. JCaptcha provides Java programmers with a framework and toolset for deploying CAPTCHA's in their web applications. You can download the full package that includes JARs, API documentation, and source code from SourceForge. The latest release of JCaptcha (1.0) is available under the GNU General Public License, but later releases will be under the LGPL license.

Examples

SimpleCaptcha

SimpleCaptcha is another framework that provides Java programmers with the ability to easily add a CAPTCHA to their web applications. A number of default CAPTCHA servlets are provided, including a Chinese version. The visual representation of the CAPTCHA text can be altered using a number of filtering methods, but SimpleCaptcha does not provide an audio CAPTCHA, which limits its accessibility for the visually impaired.

Examples