JavaServer Pages Basic CAPTCHA Code Example

First Time Here?

Check the BotDetect JSP Captcha Quickstart for key integration steps.

The JSP Basic Captcha code example shows the most basic source code required to protect a JavaServer Pages form with BotDetect CAPTCHA and validate the user input.

It can be used as a starting point when you are getting started with BotDetect.

Download the BotDetect Java CAPTCHA Generator archive to run this example

Within this page, the root folder of the extracted archive is referred as the <BDC-DIR>.

This example is in the <BDC-DIR>/examples/t_api-captcha-jsp2-api_basics/ folder; and contains the following files:

Running Example

This example's war file (in BotDetect download package) already embeds all dependencies.

In case you are making this example from scratch in your IDE, you need to ensure botdetect.jar, botdetect-servlet.jar, and botdetect-jsp20.jar are in the classpath.


<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@page import="com.captcha.botdetect.web.servlet.Captcha"%>
<!DOCTYPE html>
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <title>BotDetect Java CAPTCHA Validation: JSP Basic CAPTCHA Code Example</title>
  <link rel="stylesheet" href="stylesheet.css" type="text/css" />
  <form method="post" action="" class="column" id="form1">
    <h1>BotDetect Java CAPTCHA Validation: <br /> JSP Basic CAPTCHA Code Example</h1>
      <legend>Java CAPTCHA validation</legend>
      <label for="captchaCode">Retype the characters from the picture:</label>

      <!-- Adding BotDetect Captcha to the page -->
        Captcha captcha = Captcha.load(request, "exampleCaptcha");
        String captchaHtml = captcha.getHtml();

      <div class="validationDiv">
        <input name="captchaCode" type="text" id="captchaCode" />
        <input type="submit" name="validateCaptchaButton" value="Validate" id="validateCaptchaButton" />
          // when the form is submitted
          if ("POST".equalsIgnoreCase(request.getMethod())) {
            // validate the Captcha to check we're not dealing with a bot
            boolean isHuman = captcha.validate(request.getParameter("captchaCode"));
            if (!isHuman) {
              // Captcha validation failed, show error message
              out.print("<span class=\"incorrect\">Incorrect code</span>");
            } else {
              // Captcha validation passed, perform protected action
              out.print("<span class=\"correct\">Correct code</span>");

After including the BotDetect Captcha library, adding Captcha protection to the form is as simple as creating a Captcha object instance and printing the getHtml(ServletContext context) method result. The same object instance provides easy Captcha validation using the validate(String userInput) method.


<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns=""
    <servlet-name>BotDetect Captcha</servlet-name>
    <servlet-name>BotDetect Captcha</servlet-name>

In WEB-INF/web.xml file we register CaptchaServlet used for BotDetect Captcha requests.

Please Note

BotDetect Java Captcha Library v4.0.Beta3.7 is an in-progress port of BotDetect 4 Captcha, and we need you to guide our efforts towards a polished product. Please let us know if you encounter any bugs, implementation issues, or a usage scenario you would like to discuss.