Author: ajaquith
Date: Tue Feb 23 21:52:41 2010
New Revision: 915535
URL: http://svn.apache.org/viewvc?rev=915535&view=rev
Log:
Captcha interface gains an isEnabled() method to allow SpamProtect tag to check
whether the CAPTCHA is operational before generating output. This is required
in stand-alone or testing scenarios where an outbound network connection cannot
be assumed.
Modified:
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/AsirraCaptcha.java
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/Captcha.java
incubator/jspwiki/trunk/src/java/org/apache/wiki/tags/SpamProtectTag.java
incubator/jspwiki/trunk/tests/java/org/apache/wiki/content/inspect/AsirraCaptchaTest.java
Modified:
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/AsirraCaptcha.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/AsirraCaptcha.java?rev=915535&r1=915534&r2=915535&view=diff
==============================================================================
---
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/AsirraCaptcha.java
(original)
+++
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/AsirraCaptcha.java
Tue Feb 23 21:52:41 2010
@@ -1,6 +1,8 @@
package org.apache.wiki.content.inspect;
import java.io.IOException;
+import java.net.MalformedURLException;
+import java.net.URL;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
@@ -162,14 +164,24 @@
private static final String SESSION_ID_PARAM = "asirra_session_id";
+ private boolean m_enabled = false;
+
/**
* The URL used to obtain challenge responses, not including the random
* number suffix.
*/
protected static final String CHALLENGE_URL =
"http://challenge.asirra.com/cgi/Asirra?action=CreateSession";;
+ /**
+ * The URL used to verify correct answers, not including the random number
suffix.
+ */
protected static final String CHECK_URL =
"http://challenge.asirra.com/cgi/Asirra?action=ScoreResponse";;
+ /**
+ * The URL used to determine whether this CAPTCHA should be enabled.
+ */
+ protected static final String SERVICE_URL = "http://challenge.asirra.com/";;
+
private static Logger log = LoggerFactory.getLogger( AsirraCaptcha.class );
/**
@@ -347,5 +359,30 @@
*/
public void initialize( InspectionPlan config )
{
+ try
+ {
+ URL url = new URL( SERVICE_URL );
+ url.openConnection();
+ m_enabled = true;
+ }
+ catch( MalformedURLException e )
+ {
+ // Should not happen
+ }
+ catch( IOException e )
+ {
+ // Couldn't connect
+ log.info( "Asirra CAPTCHA service not available. Disabling..." );
+ }
+ }
+
+ /**
+ * Returns {...@code true} if the Asirra CAPTHCA service can be reached.
+ * If the service cannot be contacted, for example because no network
+ * interface is available, this method returns {...@code false}.
+ */
+ public boolean isEnabled()
+ {
+ return m_enabled;
}
}
Modified:
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/Captcha.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/Captcha.java?rev=915535&r1=915534&r2=915535&view=diff
==============================================================================
---
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/Captcha.java
(original)
+++
incubator/jspwiki/trunk/src/java/org/apache/wiki/content/inspect/Captcha.java
Tue Feb 23 21:52:41 2010
@@ -5,4 +5,10 @@
*/
public interface Captcha extends Challenge
{
+ /**
+ * Returns {...@code true} if the CAPTCHA is operational. If not
operational,
+ * CAPTCHA testing will not be performed.
+ * @return the result
+ */
+ public boolean isEnabled();
}
Modified:
incubator/jspwiki/trunk/src/java/org/apache/wiki/tags/SpamProtectTag.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/java/org/apache/wiki/tags/SpamProtectTag.java?rev=915535&r1=915534&r2=915535&view=diff
==============================================================================
--- incubator/jspwiki/trunk/src/java/org/apache/wiki/tags/SpamProtectTag.java
(original)
+++ incubator/jspwiki/trunk/src/java/org/apache/wiki/tags/SpamProtectTag.java
Tue Feb 23 21:52:41 2010
@@ -53,15 +53,16 @@
* </p>
* <p>
* This tag has one optional; attribute, {...@code challenge}. If supplied, a
- * {...@link Challenge} will be rendered in the format specified. The value
{...@code
- * captcha} indicates that a CAPTCHA will be rendered using the CAPTCHA object
- * configured for the WikiEngine. The value {...@code password} indicates that
the
- * user must supply their password. The password option is only available if
the
+ * {...@link Challenge} will be rendered in the format specified. The value
+ * {...@code captcha} indicates that a CAPTCHA will be rendered using the
+ * {...@link org.apache.wiki.content.inspect.Captcha} object configured for the
+ * WikiEngine, if it is enabled. The value {...@code password} indicates that
the user
+ * must supply their password. The password option is only available if the
* user is already logged in, and JSPWiki is using built-in authentication. If
* container authentication is used or if the user is not logged in, the
{...@code
* password} will be ignored. If {...@code challenge} is not supplied, a
CAPTCHA
* will be generated on-demand if {...@link SpamInterceptor} determined that
the
- * ActionBean contains spam.
+ * ActionBean contains spam, <em>unless</em> the CAPTCHA is disabled.
* </p>
* <p>
* This tag must be added as a child of an existing <form> or
@@ -228,6 +229,7 @@
SpamInspectionPlan plan = SpamInspectionPlan.getInspectionPlan( engine
);
WikiActionBeanContext actionBeanContext =
m_wikiActionBean.getContext();
String challengeContent = null;
+ boolean writeCaptcha = false;
switch( m_challenge )
{
@@ -236,22 +238,34 @@
break;
}
case CAPTCHA_PRESENTED: {
- Captcha captcha = plan.getCaptcha();
- challengeContent = captcha.formContent( actionBeanContext );
+ writeCaptcha = true;
break;
}
case CHALLENGE_NOT_PRESENTED: {
if( isSpamDetected( actionBeanContext ) )
{
m_challenge = Challenge.State.CAPTCHA_PRESENTED;
- Captcha captcha = plan.getCaptcha();
- challengeContent = captcha.formContent( actionBeanContext
);
+ writeCaptcha = true;
}
break;
}
}
+
+ // Only generate CAPTCHA if it is actually functioning
+ Captcha captcha = plan.getCaptcha();
+ if ( writeCaptcha )
+ {
+ if ( captcha.isEnabled() )
+ {
+ challengeContent = captcha.formContent( actionBeanContext );
+ }
+ else
+ {
+ m_challenge = Challenge.State.CHALLENGE_NOT_PRESENTED;
+ }
+ }
- // Always output the Challenge request parameter
+ // Always output the Challenge request parameter, for all values
JspWriter out = getPageContext().getOut();
out.write( "<input name=\"" + SpamInterceptor.CHALLENGE_REQUEST_PARAM
+ "\" type=\"hidden\" value=\""
+ CryptoUtil.encrypt( String.valueOf( m_challenge.name() )
) + "\" />\n" );
Modified:
incubator/jspwiki/trunk/tests/java/org/apache/wiki/content/inspect/AsirraCaptchaTest.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/tests/java/org/apache/wiki/content/inspect/AsirraCaptchaTest.java?rev=915535&r1=915534&r2=915535&view=diff
==============================================================================
---
incubator/jspwiki/trunk/tests/java/org/apache/wiki/content/inspect/AsirraCaptchaTest.java
(original)
+++
incubator/jspwiki/trunk/tests/java/org/apache/wiki/content/inspect/AsirraCaptchaTest.java
Tue Feb 23 21:52:41 2010
@@ -77,7 +77,7 @@
/**
* Does a live HTTP GET to Asirra and confirms that we can still extract
valid session IDs and challenges.
- * @throws Exception
+ * @throws Exception if the Asirra service cannot be contacted
*/
public void testGetChallengeResponse() throws Exception
{
