BotDetect JSP CAPTCHA Integration Quickstart

Unlike Recaptcha the Stalker -- BotDetect CAPTCHA works in China! Licensable source-code; self-hosted -- doesn't stalk -- nor does it slurp your form-data! Think: GDPR & LGPD!

1. Add BotDetect Java CAPTCHA Library Dependency

To manually add BotDetect Captcha library to classpath, copy the following jar files from BotDetect Java download package to application's WEB-INF/lib folder:

  • botdetect-4.0.beta3.5.jar
  • botdetect-servlet-4.0.beta3.5.jar
  • botdetect-jsp20-4.0.beta3.5.jar
  • hsqldb.jar

To share BotDetect Captcha among multiple applications, these BotDetect jar files above should be copied into 'lib' directory of web container or application server's domain.

2. Show a CAPTCHA Challenge on the Form

a) If Java Servlet is a backend for your js-based frontend, perhaps you should start with a guide that describes integration from js-framework point of view: jQuery, Angular, AngularJS, or React.

b) If you are using JSP forms, here is how to display Captcha in your JSP form:

On the very top of the source file for the web form you want to protect against bots, add:

<%@page import="com.captcha.botdetect.web.servlet.SimpleCaptcha"%>

On the web form you want to protect against bots, add:

<%
  // Adding BotDetect Captcha to the page
  SimpleCaptcha captcha = SimpleCaptcha.load(request, "exampleCaptcha");

  String captchaHtml = captcha.getHtml();
  out.write(captchaHtml);
%>

<input id="captchaCode" type="text" name="captchaCode" />

3. Check User Input During Form Submission

When the form is submitted, the Captcha validation result must be checked:

<%
  if ("POST".equalsIgnoreCase(request.getMethod())) {
     // validate the Captcha to check we're not dealing with a bot
     boolean isHuman = captcha.validate(request.getParameter("captchaCode"));
     if (isHuman) {
      // TODO: Captcha validation passed, perform protected action
     } else {
      // TODO: Captcha validation failed, show error message
     }
  }
%>

4. Configure your Application

Update your application configuration (web.xml) file.

<servlet>
  <servlet-name>BotDetect Captcha</servlet-name>
  <servlet-class>com.captcha.botdetect.web.servlet.SimpleCaptchaServlet</servlet-class>
</servlet>
<servlet-mapping>
  <servlet-name>BotDetect Captcha</servlet-name>
  <url-pattern>/botdetectcaptcha</url-pattern>
</servlet-mapping>

5. Configure Captcha options

Configure captcha options in WEB-INF/botdetect.xml configuration file.

<?xml version="1.0" encoding="UTF-8"?>
<botdetect xmlns="https://captcha.com/schema/java" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="https://captcha.com/schema/java 
      https://captcha.com/schema/java/botdetect-4.0.beta3.5.xsd">

  <captchaStyles>
    <captchaStyle>
      <name>exampleCaptcha</name>
      <userInputID>captchaCode</userInputID>
      <codeLength>3-5</codeLength>
    </captchaStyle>
  </captchaStyles>

</botdetect>

In-Depth JSP CAPTCHA Instructions and Explanations

Detailed JSP Captcha instructions and explanations can be found in the JSP Captcha integration how to guide.

Please Note

BotDetect Java Captcha Library v4.0.Beta3.5 is an in-progress port of BotDetect 4 Captcha, and we need you to guide our efforts towards a polished product. Please let us know if you encounter any bugs, implementation issues, or a usage scenario you would like to discuss.