Embedding reCAPTCHA verification in an Info Map mechanism
You can embed reCAPTCHA verification in Info Map mechanism instances.
The Site Key and Secret Key configured in the reCAPTCHA Verification mechanism are made available to the Info Map mechanism via two default macros: @RECAPTCHASITEKEY@ and @RECAPTCHASECRETKEY@.
For more information about configuring reCAPTCHA support, see Configuring the reCAPTCHA Verification authentication mechanism.
In the HTML template:
- Include the reCAPTCHA JavaScript in the head of your template
- Include the reCAPTCHA element in your form
For example:
...
<SCRIPT SRC="https://www.google.com/recaptcha/api.js" ASYNC DEFER></SCRIPT>
...
<DIV CLASS="g-recaptcha" DATA-SITEKEY="@RECAPTCHASITEKEY@"></DIV>
...
In the JavaScript mapping rule:
- The reCAPTCHA response is received in a request parameter named g-recaptcha-response
- Verification can be performed in the JavaScript mapping rule
For example:
importClass(Packages.com.ibm.security.access.recaptcha.RecaptchaClient);
...
// Retrieve the reCAPTCHA response from the request.
var captchaResponse = context.get(Scope.REQUEST, "urn:ibm:security:asf:request:parameter",
"g-recaptcha-response");
// Verify captchaResponse with Google, using @RECAPTCHASECRETKEY@. The third parameter
allows you to overload Google's verify endpoint URL, passing null will use the default.
var captchaVerified = (captchaResponse != null) && RecaptchaClient.verify(captchaResponse,
macros.get("@RECAPTCHASECRETKEY@"), null);