13 Mar
2009
13 Mar
'09
9:35 a.m.
On Mar 13, 2009, at 8:36 AM, Jerome Velociter wrote:
Hello Devs,
I'm starting to think about the integration of JCaptcha 2.0
(http://forge.octo.com/jcaptcha/confluence/display/general/Simple+Servlet+In…
)
that would deprecated our current Captcha plugin.
I think we need it as a component, for example xwiki-captcha
We can have a CaptchaedRequestValidator component interface that
declares the following method :
boolean validateCaptcha(HttpServletRequest request);
which would be called from the register action, comment add action,
etc.
(anywhere a captcha is needed - we could even expose a velocity API if
we need it)
WDYT ?
Hmm. Is it possible not to have it not depend on any environment
(servlet or other) or not? ie internally use the Execution Context and
any passed parameters. This is important since captcha could be used
in a variety of environments, be it portlets, servlets, maybe even web
services although that would probably be done best with a token.
So if it can be made to use the EC it's best, otherwise it should not
have request as parameter since any implementation can have the
Container object injected. If we prefer to pass a parameter (I'm still
ambivalent about this, it would be better when used in non component
env for sure) then Container can be passed. Again that's if we cannot
make it indep of the env.
Just to be sure, the public API exposed by xwiki-captcha would be
generic and not tied to any captcha implementation right?
Thanks
-Vincent