Java Code House

Today I am going to show you how you can generate and validate captcha. A CAPTCHA (an acronym for "Completely Automated Public Turing test to tell Computers and Humans Apart"), a trademark of Carnegie Mellon University, is a type of challenge-response test used in computing to determine whether or not the user is human. This requires the user to type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen. Because the test is administered by a computer, in contrast to the standard Turing test that is administered by a human, a CAPTCHA is sometimes described as a reverse Turing test. This test is most common when someone registers or opens a new account in any website.
       Here we will be using jcaptcha library for captcha generation and validation. In our demo we will follow MVC architecture to carry this out. We have the following classes, servlets and JSPs in our project.

• login.jsp : This is the home page. Here the captcha challenge image will be shown with a text-box to enter the characters.  On submitting it is validated by a servlet.
• CaptchaService class : This is a singleton class that is responsible for generating the instance that will help in generating the challenge image.
• CaptchaGeneratorServlet class : this servlet has a GET method which generates the image with CaptchaService class and converts it to a byte array and then writes to the output stream. The image is generated using the session id of the user which is used as the captcha id.
• CaptchaVerifierServlet class : It has a POST method which receives the input characters from usere and validates it. The result is returned as a boolean which is set as a session attribute and for the result to be shown it is forwarded to a JSP.
• results.jsp : It extracts the session attribute and displays result according to that.

-------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------
/* Code for login.jsp */

<!DOCTYPE html>
<html>
<head>
<title>JCaptcha Demo</title>
</head>
<body>
   <h2>JCaptcha Demo</h2>
   <form action="captcha-verifier" method="post">
      <input type="hidden" name="captchaID" value="<%= session.getId() %>"/>
      <table><tr>
           <td valign="middle">Enter these letters:<br/>
           <img src="./captcha-generator" align="middle" alt="Enter the 
             characters appearing in this image" border="1"/></td>
           <td><input type="text" name="inChars"/></td>
         </tr>
         <tr>
           <td><input type="submit" value="Submit"/></td>
         </tr>
      </table>
   </form>
</body>
</html>

/* Code for CaptchaService.java */

package java_code_house.jcaptcha;

import com.octo.captcha.service.image.ImageCaptchaService;
import com.octo.captcha.service.image.DefaultManageableImageCaptchaService;

public class CaptchaService{
    // a singleton class
    private static ImageCaptchaService instance = new DefaultManageableImageCaptchaService();
    
    public static ImageCaptchaService getInstance(){
     return instance;
    }

}

/* Code for CaptchaGeneratorServlet.java */

package java_code_house.jcaptcha;

import com.octo.captcha.service.CaptchaServiceException;

import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;

import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;


@WebServlet("/captcha-generator")
public class CaptchaGeneratorServlet extends HttpServlet{
 private static final long serialVersionUID=1L;
 
 protected void doGet(HttpServletRequest request, HttpServletResponse response)throws ServletException, IOException {
  ByteArrayOutputStream imgStream = new ByteArrayOutputStream();
  byte[] captchaBytes=null;

   try{
   // Session ID is used to identify the particular captcha
   String captchaId = request.getSession().getId();
   // Generate the captcha image
   BufferedImage img = CaptchaService.getInstance().getImageChallengeForID(
     captchaId, request.getLocale() );
   ImageIO.write(img, "jpeg", imgStream );
   captchaBytes = imgStream.toByteArray();

    // Clear any existing flag
   request.getSession().removeAttribute("result");
  }catch( CaptchaServiceException|IOException ex ) {
   System.out.println(ex);
  }

   // Set appropriate http headers
  response.setHeader( "Cache-Control", "no-store" );
  response.setHeader( "Pragma", "no-cache" );
  response.setDateHeader( "Expires", 0 );
  response.setContentType( "image/jpeg");

   // Write the image to the client
  OutputStream os = response.getOutputStream();
  os.write(captchaBytes);
  os.flush();
  os.close();
 }

}

/* Code for CaptchaVerifierServlet.java */

package java_code_house.jcaptcha;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.octo.captcha.service.CaptchaServiceException;

@WebServlet("/captcha-verifier")
public class CaptchaVerifierServlet extends HttpServlet {
 private static final long serialVersionUID = 1L;

  protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
  // Get the request params
  String cId = request.getParameter("captchaID");
  String inChars = request.getParameter("inChars");

   // Validate whether input from user is correct
  boolean hasPassed = validateCaptcha(cId, inChars );
  
  // Set flag into session
  request.getSession().setAttribute( "result", new Boolean(hasPassed) );

   // Forward request to results page
  request.getRequestDispatcher( "/results.jsp" ).forward( request, response );
 }

  private boolean validateCaptcha( String captchaId, String inputChars ){
  boolean b = false;
  try{
   b = CaptchaService.getInstance().validateResponseForID( captchaId, inputChars );
  }catch( CaptchaServiceException cse ){}
  return b;
 }

}

In our vlast posts we only concentrated on sniffing class declaration and its members. But this time we will go beyond it and try to get and set field values of a given class using Java Reflection.For this we just need an instance of a class. Though here we will deal with public fields only and someone might think that we can get and set field values in thes cases directly using instance of that class. But this is not the actual case in real situation. This is done only in places where directly we cannot set thopse values as in case of private members. So here we have used method getDeclaredField() (we will deal with private members later). Here we will just show that once you have the class refernce and the instance of a particualr class you can get and set the field values whether its an integer,float,string or array. There are seperate methods for different primitive data types like getInt() and setInt() for int , getLong() and setLong() for long and so on. But for data types other than primiotive ones you have to use get() and set() methods.
      Here in our demo we jave created a class Person with fields of type int, String and a String array. So you will be able to uinderstand clearly how to use different methods depending on data type.
-------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------
import java.lang.reflect.Field;
import java.util.Arrays;

import static java.lang.System.out;

class Person{
public int id=1521;
public String name="Luther";
public String hobbies[]={"cricket","music"};
}

public class FieldChanger {
public static void main(String[] args) {
try{
    Class c=Person.class;  //getting class reference
    Person pobj=new Person();
    
    Field id=c.getDeclaredField("id");  //getting field reference
    out.println("BEFORE :   id = "+id.getInt(pobj));  //getting initial int value
    id.setInt(pobj, 1926);  //setting a new int value
    out.println(" AFTER :   id = "+id.getInt(pobj));
    
    Field name=c.getDeclaredField("name");
    out.println("BEFORE :   name = "+name.get(pobj));  //getting initial String value
    name.set(pobj, "Jennifer");  //setting a new String value
    out.println(" AFTER :   name = "+name.get(pobj));
    
    Field hobbies=c.getDeclaredField("hobbies");
    //showing initial array values
    out.println("BEFORE :   hobbies = "+Arrays.asList(pobj.hobbies));
    String[] nhob={"football"};
    hobbies.set(pobj, nhob);  //setting new values for array
    out.println(" AFTER :   hobbies = "+Arrays.asList(pobj.hobbies));
    
}catch(NoSuchFieldException|
IllegalAccessException e){ }
}
}