Struts Basic CAPTCHA Code Example

The Struts Basic Captcha code example shows the most basic source code required to protect a Struts form with BotDetect CAPTCHA and validate the user input.

It can be used as a starting point when you are getting started with BotDetect.

Download the BotDetect Java CAPTCHA Generator archive to run this example

Within this page, the root folder of the extracted archive is referred as the <BDC-DIR>.

This example is in the <BDC-DIR>/examples/t_api-captcha-struts2-api_basics/ folder; and contains the following files:

Running Example

This example's war file (in BotDetect download package) already embeds all dependencies.

In case you are making this example from scratch in your IDE, you need to ensure botdetect.jar, botdetect-servlet.jar, and botdetect-jsp20.jar are in the classpath.

index.jsp

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%@ taglib prefix="s" uri="/struts-tags"%>
<%@ taglib prefix="botDetect" uri="https://captcha.com/java/jsp"%>
<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    <title>BotDetect Java CAPTCHA Validation: Struts 2 Basic CAPTCHA Code Example</title>
    <link rel="stylesheet" href="stylesheet.css" type="text/css" />
  </head>
  <body>
    <s:form action="captchaAction" method="post"  theme="css_xhtml">
      <h1>BotDetect Java CAPTCHA Validation: <br /> Struts 2 Basic CAPTCHA Code Example</h1>
      <fieldset>
        <legend>Java CAPTCHA validation</legend>
        <label for="captchaCode">Retype the characters from the picture:</label>
      
        <!-- Adding BotDetect Captcha to the page -->    
        <botDetect:captcha id="exampleCaptcha" userInputID="captchaCode"/>
        
        <br/>
        <s:textfield name="captchaCode"/>
        <s:submit name="validateCaptchaButton" label="Validate" id="validateCaptchaButton"/>
      </fieldset>
    </s:form>
  </body>
</html>

We add Captcha protection to the form using the standard procedure.

[back to the top of the page]

BasicCaptchaAction.java

package com.captcha.botdetect.examples.struts.basic_captcha.actions;

import com.captcha.botdetect.web.servlet.Captcha;
import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.ServletActionContext;

public class BasicCaptchaAction extends ActionSupport {
  
  private String captchaCode;

  public String getCaptchaCode() {
    return captchaCode;
  }

  public void setCaptchaCode(String captchaCode) {
    this.captchaCode = captchaCode;
  }
  
  public String execute() {
    return SUCCESS;
  }
  
  public void validate() {
    Captcha captcha = Captcha.load(ServletActionContext.getRequest(), "exampleCaptcha");
    boolean isHuman = captcha.validate(captchaCode);
    if (!isHuman) {
      addFieldError("captchaCode", "Incorrect code");
    }
    
    // reset captcha code textbox
    captchaCode = null;
  }
}

In the validate method, we check the captcha code when it is submitted. The captcha code is stored in and retrieved from the field of this class via the accesser methods.

[back to the top of the page]

struts.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE struts PUBLIC
  "-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
  "http://struts.apache.org/dtds/struts-2.3.dtd">

<struts>
  <constant name="struts.devMode" value="true" />
  <constant name="struts.action.excludePattern" value="/botdetectcaptcha"/>
    
  <package name="basicCaptcha" extends="struts-default">
    <action name="captchaAction"
        class="com.captcha.botdetect.examples.struts.basic_captcha.actions.BasicCaptchaAction" method="execute">
      <result name="input">/index.jsp</result>
      <result name="success">/success.jsp</result>
   </action>
  </package>
</struts>

In struts.xml configuration file, you also need to add exclude directive for CaptchaServlet to Struts 2 filter.

[back to the top of the page]

web.xml

<?xml version="1.0" encoding="UTF-8"?>
<web-app id="struts2-jquery-showcase" version="2.4"
    xmlns="http://java.sun.com/xml/ns/j2ee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  <session-config>
    <session-timeout>
      30
    </session-timeout>
  </session-config>
  
  <display-name>Struts 2 Web Application</display-name>

  <filter>
    <filter-name>struts2</filter-name>
    <filter-class>org.apache.struts2.dispatcher.ng.filter.StrutsPrepareAndExecuteFilter</filter-class>
  </filter>

  <filter-mapping>
    <filter-name>struts2</filter-name>
    <url-pattern>/*</url-pattern>
  </filter-mapping>
  
  <servlet>
    <servlet-name>BotDetect Captcha</servlet-name>
    <servlet-class>com.captcha.botdetect.web.servlet.CaptchaServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>BotDetect Captcha</servlet-name>
    <url-pattern>/botdetectcaptcha</url-pattern>
  </servlet-mapping>
  
  <welcome-file-list>
    <welcome-file>index.jsp</welcome-file>
  </welcome-file-list>
</web-app>

In WEB-INF/web.xml file we register CaptchaServlet used for BotDetect Captcha requests.

[back to the top of the page]


Please Note

BotDetect Java Captcha Library v4.0.Beta3.7 is an in-progress port of BotDetect 4 Captcha, and we need you to guide our efforts towards a polished product. Please let us know if you encounter any bugs, implementation issues, or a usage scenario you would like to discuss.

© Captcha, Inc. 2004-2023. All rights reserved.

BotDetect, BotDetect CAPTCHA, Lanap, Lanap CAPTCHA, Lanap BotDetect, Lanap BotDetect CAPTCHA, Lanapsoft, Lanapsoft CAPTCHA, Lanapsoft BotDetect, Lanapsoft BotDetect CAPTCHA, and Lanap Software are trademarks of Captcha, Inc. All other product, brand, and company names are mentioned for identification purposes only and are trademarks or registered trademarks of their respective owners.

Captcha, Inc. -- formerly: Lanapsoft, Inc. / Lanap, Inc.