adding captcha for sign-up screen.

git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6325 71c3de6d-444a-0410-be80-ed276b4c234a

adding captcha for sign-up screen.
git-svn-id: https://hudson.dev.java.net/svn/hudson/trunk/hudson/main@6325 71c3de6d-444a-0410-be80-ed276b4c234a
38036041 · kohsuke · ef53df8c · 38036041 · 38036041 · 38036041
4 changed file
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -446,6 +446,49 @@
      <artifactId>commons-collections</artifactId>
      <version>3.2</version>
    </dependency>
+    <dependency>
+      <groupId>com.octo.captcha</groupId>
+      <artifactId>jcaptcha-all</artifactId>
+      <version>1.0-RC6</version>
+      <exclusions>
+        <exclusion>
+          <groupId>hsqldb</groupId>
+          <artifactId>hsqldb</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>hsqldb</groupId>
+          <artifactId>hsqldb</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>net.sf.ehcache</groupId>
+          <artifactId>ehcache</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>quartz</groupId>
+          <artifactId>quartz</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>xerces</groupId>
+          <artifactId>xercesImpl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>xerces</groupId>
+          <artifactId>xmlParserAPIs</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.springframework</groupId>
+          <artifactId>spring</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>commons-dbcp</groupId>
+          <artifactId>commons-dbcp</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>concurrent</groupId>
+          <artifactId>concurrent</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
  </dependencies>

 </project>
--- a/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
+++ b/core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java
@@ -12,6 +12,10 @@ import org.acegisecurity.userdetails.UserDetails;
 import org.acegisecurity.userdetails.UserDetailsService;
 import org.acegisecurity.userdetails.UsernameNotFoundException;
 import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;

 /**
 * {@link SecurityRealm} that performs authentication by looking up {@link User}.
@@ -30,6 +34,15 @@ public class HudsonPrivateSecurityRealm extends SecurityRealm {
        return DescriptorImpl.INSTANCE;
    }

+    /**
+     * Creates an user account.
+     */
+    public void doCreateAccount(StaplerRequest req, StaplerResponse rsp) throws IOException {
+        rsp.getWriter().println(
+           validateCaptcha(req.getParameter("captcha"))
+        );
+    }
+
    // TODO
    private static final GrantedAuthority[] TEST_AUTHORITY = {new GrantedAuthorityImpl("authenticated")};


--- a/core/src/main/java/hudson/security/SecurityRealm.java
+++ b/core/src/main/java/hudson/security/SecurityRealm.java
@@ -9,8 +9,21 @@ import org.acegisecurity.Authentication;
 import org.acegisecurity.AuthenticationManager;
 import org.springframework.context.ApplicationContext;
 import org.kohsuke.stapler.Stapler;
+import org.kohsuke.stapler.StaplerRequest;
+import org.kohsuke.stapler.StaplerResponse;
+import org.kohsuke.stapler.QueryParameter;
+import org.apache.tools.ant.types.resources.selectors.None;
+import org.apache.maven.plugin.logging.Log;

 import java.util.Map;
+import java.util.logging.Logger;
+import java.util.logging.Level;
+import java.io.IOException;
+
+import com.octo.captcha.service.image.DefaultManageableImageCaptchaService;
+import com.octo.captcha.service.CaptchaServiceException;
+
+import javax.imageio.ImageIO;

 /**
 * Pluggable security realm that connects external user database to Hudson.
@@ -66,6 +79,36 @@ public abstract class SecurityRealm implements Describable<SecurityRealm>, Exten
        return clz.getClassLoader().getResource(clz.getName().replace('.','/')+"/signup.jelly")!=null;
    }

+    /**
+     * {@link DefaultManageableImageCaptchaService} holder to defer initialization.
+     */
+    private static final class CaptchaService {
+        private static final DefaultManageableImageCaptchaService INSTANCE = new DefaultManageableImageCaptchaService();
+    }
+
+    /**
+     * Generates a captcha image.
+     */
+    public final void doCaptcha(StaplerRequest req, StaplerResponse rsp) throws IOException {
+        String id = req.getSession().getId();
+        rsp.setContentType("image/png");
+        ImageIO.write( CaptchaService.INSTANCE.getImageChallengeForID(id), "PNG", rsp.getOutputStream() );
+    }
+
+    /**
+     * Validates the captcha.
+     */
+    protected final boolean validateCaptcha(String text) {
+        try {
+            String id = Stapler.getCurrentRequest().getSession().getId();
+            Boolean b = CaptchaService.INSTANCE.validateResponseForID(id, text);
+            return b!=null && b;
+        } catch (CaptchaServiceException e) {
+            LOGGER.log(Level.INFO, "Captcha validation had a problem",e);
+            return false;
+        }
+    }
+
    /**
     * Picks up the instance of the given type from the spring context.
     * If there are multiple beans of the same type or if there are none,
@@ -124,4 +167,6 @@ public abstract class SecurityRealm implements Describable<SecurityRealm>, Exten
        HudsonPrivateSecurityRealm.DescriptorImpl.INSTANCE,
        LDAPSecurityRealm.DESCRIPTOR
    );
+
+    private static final Logger LOGGER = Logger.getLogger(SecurityRealm.class.getName());
 }
--- a/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
+++ b/core/src/main/resources/hudson/security/HudsonPrivateSecurityRealm/signup.jelly
 <j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
  <l:layout norefresh="true">
+    <l:header>
+      <style>
+        <!-- match width with captcha image -->
+        INPUT {
+          width:200px;
+        }
+      </style>
+    </l:header>
    <st:include page="sidepanel.jelly" it="${app}" />
    <l:main-panel>
      <h1>Sign up</h1>
@@ -26,6 +34,13 @@
              <td>E-mail address:</td>
              <td><input type="text" name="email" /></td>
            </tr>
+            <tr>
+              <td>Enter text as shown:</td>
+              <td>
+                <input type="text" name="captcha" autocomplete="off" /><br />
+                <img src="securityRealm/captcha"/>
+              </td>
+            </tr>
          </table>
          <f:submit value="Sign up" />
          <script>