An old version (0.5) of this plugin is available here. This version had some bugs, was missing some features I needed, and wasn't available in the main plugin repository, so I created this fork.

Overview

A CAPTCHA is a small image that is embedded in a HTML form to protect against automated completion and submission of HTML forms. They generally consist of an image of a short string of random characters visually obsfucated in some way (see wikipedia for more information).

This plugin generates a small CAPTCHA image when the CaptchaController is invoked. The CAPTCHA image and it's solution is stored in the session by default, though the pugin can be used without session storage if necessary. A typical example of the CAPTCHAs generated by this plugin is shown below

Why another CAPTCHA plugin?

Although there is already a Grails plugin available for reCAPTCHA (a very popular CAPTCHA implementation), there are a number of differences between these two plugins:

• reCAPTCHA can be slow to load because the CAPTCHA image is created and solved at a remote server. This plugin creates its own CAPTCHA images, so no remote requests are required to create or solve the CAPTCHAs
• reCAPTCHA challenges can be very difficult to solve, whereas the CAPTCHAs generated by this plugin are very easy to solve
• The solution of this plugin's CAPTCHA challenges is case insensitive
• The CAPTCHAs generated by this plugin can be displayed in multiple places on the same page, there is no easy way to do this with reCAPTCHA

Usage

• A CAPTCHA can be added to a form using the following GSP code

<img src="${createLink(controller: 'simpleCaptcha', action: 'captcha')}"/>
<label for="captcha">Type the letters above in the box below:</label>
<g:textField name="captcha"/>

As mentioned above, the CAPTCHAs generated by this plugin can be simultaneously displayed in several places on the same page (this is only possible with reCAPTCHA if you use JavaScript to clone the CAPTCHA).

To check whether the solution to the CAPTCHA is correct:

class MyController {
  def simpleCaptchaService
  // This is the action that handles the submission of the form with the CAPTCHA
  def save = {
    boolean captchaValid = simpleCaptchaService.validateCaptcha(params.captcha)   
  }
}

The process of validating a CAPTCHA also removes it from the session, so it is only possible to validate each CAPTCHA once. The CAPTCHA is removed from the seesion after validation to ensure that the next time a CAPTCHA is requested, a different challenge will be presented.

Configuration

simpleCaptcha {
    // font size used in CAPTCHA images
    fontSize = 30
    height = 200
    width = 200
    // number of characters in CAPTCHA text
    length = 6
    // amount of space between the bottom of the CAPTCHA text and the bottom of the CAPTCHA image
    bottomPadding = 16
    // distance between the diagonal lines used to obfuscate the text
    lineSpacing = 10
    // the charcters shown in the CAPTCHA text must be one of the following
    chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    // this param will be passed as the first argument to this java.awt.Font constructor
    // http://docs.oracle.com/javase/6/docs/api/java/awt/Font.html#Font(java.lang.String,%20int,%20int)
    font = "Serif"
}

Session Storage

simpleCaptcha.storeInSession = false

If session storage is disabled it is not possible to display a CAPTCHA in multiple places on the same page.

Thanks to Rick Lansky for contributing this feature.