Technique/Other 2011. 11. 29. 13:36

Using reCaptcha at SAP Portal 7.3 Logon Page
Erhan Keseli
Posted on Nov. 28, 2011 05:19 AM in Enterprise Portal (EP)

 
 

If you have a portal that is exposed to the internet, you may want to use a captcha against bots. In this blog I will implement reCaptcha. Why do I choose reCaptcha? Because it is easy to implement and you don't need to build much to make it work. Let's do it!

First you have to modify the logon page. You can find the solution here: http://nwturk.com/blog/2011/06/06/changing-logon-page-on-netweaver-7-3/

You have to import the reCaptcha jar files (link). After importing the files, modify the logonPage.jsp file for reCaptcha.

-Import reCaptcha:

<%@ page import="net.tanesha.recaptcha.ReCaptcha" %>
<%@ page import="net.tanesha.recaptcha.ReCaptchaFactory" %>

-Add the reCaptcha code for displaying the captcha. You can customize it for your needs:

<%
	ReCaptcha c = ReCaptchaFactory.newReCaptcha("your public key", "your private key", false);
	out.print(c.createRecaptchaHtml(null, null));
%>

Be careful to add this code block between <sap:form type="logon"></sap:form>.

We are done with this part. Now it is time to implement the login module. You can get more information about login modules from this link. Once you have read it, implement the class and add a new method to get the response.

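	// Reads one request parameter through the login module's callback handler.
	// _callbackHandler and _decodeRequestParameter are fields of the login module class.
	private String getRequestValue(String parameterName)
		throws LoginException {

		HttpGetterCallback httpGetterCallback = new HttpGetterCallback();
		httpGetterCallback.setType(HttpCallback.REQUEST_PARAMETER);
		httpGetterCallback.setName(parameterName);

		String value = null;

		try {
			_callbackHandler.handle(new Callback[] { httpGetterCallback });

			String[] arrayRequestparam =
				(String[]) httpGetterCallback.getValue();

			// Parameter missing from the request: return null instead of failing on [0]
			if (arrayRequestparam == null || arrayRequestparam.length == 0) {
				return null;
			}

			if (_decodeRequestParameter) {
				value = URLDecoder.decode(arrayRequestparam[0], "UTF-8");
			} else {
				value = arrayRequestparam[0];
			}

		} catch (UnsupportedCallbackException e) {
			// The callback handler cannot serve HTTP callbacks
			return null;

		} catch (IOException e) {
			throwUserLoginException(e, LoginExceptionDetails.IO_EXCEPTION);
		}

		return value;
	}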

You can call the method with these parameters (example: String challengefield = getRequestValue("recaptcha_challenge_field");).

You also need the client IP address. Here is the method to get it:

	private String getIPAddress(){
		String clientIp = "";
		try{
			HttpGetterCallback hgc = new HttpGetterCallback();
			// Set the callback type before handing it to the handler
			hgc.setType(HttpCallback.CLIENT_IP);
			_callbackHandler.handle(new Callback[] { hgc });
			clientIp = (String)hgc.getValue();
		}catch(Exception ex){
			// On any failure the method returns an empty string
		}
		return clientIp;
	}

 

If you have a reverse proxy, you get the IP address of the proxy instead. So you have to configure it so that you get the client's IP address.
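
One way to handle the reverse-proxy case, as an added example that is not part of the original blog or of SAP's API: take the client address from the X-Forwarded-For header only when the direct peer is one of your own proxies. The class name, the proxy addresses and the use of X-Forwarded-For are assumptions; how the header value reaches the login module depends on your proxy and portal configuration.

```java
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

// Hypothetical helper, written for Java 6 syntax; not part of the SAP or reCaptcha libraries.
public class ClientIpResolver {
    // Constructed sample values: replace with the addresses of your own reverse proxies.
    private static final Set<String> TRUSTED_PROXIES =
        new HashSet<String>(Arrays.asList("10.0.0.5", "10.0.0.6"));

    // peerIp: address of the direct peer (what getIPAddress() returns).
    // forwardedFor: raw X-Forwarded-For header value, may be null.
    public static String resolve(String peerIp, String forwardedFor) {
        // Honour the header only when the request really came through our proxy;
        // otherwise any client could put an arbitrary address into it.
        if (forwardedFor == null || !TRUSTED_PROXIES.contains(peerIp)) {
            return peerIp;
        }
        String[] hops = forwardedFor.split(",");
        // Walk right to left: the rightmost entries were appended by our proxies,
        // entries further left were supplied by the client and are untrusted.
        for (int i = hops.length - 1; i >= 0; i--) {
            String hop = hops[i].trim();
            if (!isIpLiteral(hop)) {
                return peerIp; // malformed header: fall back to the peer address
            }
            if (!TRUSTED_PROXIES.contains(hop)) {
                return hop; // first address that is not one of our proxies
            }
        }
        return peerIp; // header listed only our own proxies
    }

    // Accept only characters that can appear in an IPv4 or IPv6 literal.
    private static boolean isIpLiteral(String s) {
        return s.length() > 0 && s.length() <= 45 && s.matches("[0-9A-Fa-f:.]+");
    }

    public static void main(String[] args) {
        // Constructed inputs using documentation address ranges.
        System.out.println(resolve("10.0.0.5", "198.51.100.9, 203.0.113.7"));
        System.out.println(resolve("203.0.113.50", "198.51.100.9"));
    }
}
```
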
After you get the parameters for reCaptcha, check them:

// Imports (top of the login module class)
import net.tanesha.recaptcha.ReCaptchaImpl;
import net.tanesha.recaptcha.ReCaptchaResponse;

// Inside the login module: verify the answer with the reCaptcha service
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
reCaptcha.setPrivateKey("your_private_key");
String ipAdress = getIPAddress();
String challenge = getRequestValue("recaptcha_challenge_field");
String uresponse = getRequestValue("recaptcha_response_field");
ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(ipAdress, challenge, uresponse);
if (reCaptchaResponse.isValid()) {
	// do your valid login work
} else {
	// do your invalid login work
}

Erhan Keseli is a Senior SAP Technical Consultant specialized in Netweaver Technology.


http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/27537%3Futm_source%3Dtwitterfeed%26utm_medium%3Dtwitter%26utm_campaign%3DFeed%253A+SAPNetworkWeblogs+%2528SAP+Network+Weblogs%2529

Posted by AgnesKim