I have a situation: my Java program deployed on a server fetches a page from a website, which has a captcha image. The image will be displayed to the end-user and the end-user will enter the value of the captcha and submit that page to the server. The server will submit that value to the main website.
I have tried it using http client but on submitting, it says invalid image value.
Please help me.
code to show user capthca image
HttpClient hc=new HttpClient();
GetMethod gm=new GetMethod("https://abc.com/register");
int sta=hc.executeMethod(gm);
String line=gm.getResponseBodyAsString();
urlStr="https://abc.com/captchaImage";
URL url=new URL(urlStr);
BufferedImage img1 = ImageIO.read(url);
ImageIO.write(img1, "jpg", out);
submit requets to abc.com
HttpClient hc=new HttpClient();
PostMethod hm=new PostMethod("https://abc.com/submit");
hm.addParameter("pwd","Asdf@123456" );
hm.addParameter("confirmPwd","Asdf@123456");
hm.addParameter("hintQues","Birth+City");
hm.addParameter("hintAns","fdgf");
hm.addParameter("captchavalue",request.getParameter("cap"));
hm.addParameter("register","Register");
int returnCode = hc.executeMethod(hm);
out.println(hm.getResponseBodyAsString());
I have not analyzed how abc.com’s registration work, but I would bet that it uses either some hidden field (for which I see no parameter in your code), or a cookie to remember which captcha was displayed to the user, and thus verify if the captcha value sent by the browser is the right value.
Since you don’t send the hidden field value, and since you’re using a fresh new HttpClient instance, you’re sending a captcha value to the server, but it has no way to know for which captcha you’re sending this value, and so can’t verify it.
Try reusing the same instance of HttpClient than the one used to get the registration page from the server. This way, cookies stored in the HttpClient’s state will be sent back to the server.