Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEC-737: Move captcha module to sandbox #976

Closed
spring-projects-issues opened this issue Mar 29, 2008 · 5 comments
Closed

SEC-737: Move captcha module to sandbox #976

spring-projects-issues opened this issue Mar 29, 2008 · 5 comments
Labels
type: jira An issue that was migrated from JIRA type: task A general task
Milestone
2.0.0 RC1

Comments

@spring-projects-issues
Copy link

Luke Taylor(Migrated from SEC-737) said:

We’ve decided to sandbox the current captcha integration layer since the original contributor is no longer actively maintaining it.
@spring-projects-issues
Copy link
Author

Jon Osborn said:

Luke, I’d be happy to maintain the captcha code.

Jon

@spring-projects-issues
Copy link
Author

Ben Alex said:

Thanks for the offer to maintain the integration, although at this stage we’re going to leave it in the sandbox. The rationale for this is that the prior < 2.0.0 releases required the end user to manually compile code in order to use the integration, and as such we do not believe many (if any) users would have actually deployed the integration. Removing it therefore probably does not represent a loss to the majority of users. More fundamentally, Captcha integration with Spring Security is an ambiguous requirement. The prior integration simply required human user verification if certain request frequencies were met. Instead, most Captcha usage is embedded within a page (eg a lost password page) and therefore becomes more of an issue of designing the view/controller correctly. Such usage is out of scope for Spring Security, as it’s a web framework consideration. Additionally, the recent popularity of reCAPTCHA means any integration would need to be sufficiently generalised that it accommodates both, and for us to also address reCAPTCHA integration would represent additional time and effort.

We have not a final decision to permanently leave the Captcha integration in the sandbox nor promote nor remove it. It simply requires some more consideration and design, and at this stage we need to focus on completing the namespace improvements and documentation of the many new capabilities in 2.0.

Cheers
Ben

@spring-projects-issues
Copy link
Author

Jon Osborn said:

Ben,
Excellent…I agree that the requirement for captcha doesn’t fit well into what spring/spring security are attempting to accomplish. Is there a place in codehaus or some other environment I can host the code? I have completely re-written the captcha implementation to fit nicely with spring security 2.0 so I’d like to get it out there.

I’m already a committer on codehaus so maybe that is good option?

Beers,
Jon

@spring-projects-issues
Copy link
Author

Jon Osborn said:

Luke, Ben, what about a ‘sub-project’ for spring security?

@spring-projects-issues
Copy link
Author

Batbayar Bazarragchaa said:

Could you please create sub project in spring or commit the code into any repository?
I really need the captcha support in spring.

Thanks,
Batbayar

@spring-projects-issues spring-projects-issues added Closed type: task A general task type: jira An issue that was migrated from JIRA labels Feb 5, 2016
@spring-projects-issues spring-projects-issues added this to the 2.0.0 RC1 milestone Feb 5, 2016
@rwinch rwinch mentioned this issue Feb 6, 2016
Closed
This was referenced Feb 6, 2016
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type: jira An issue that was migrated from JIRA type: task A general task
Projects
None yet
Milestone
2.0.0 RC1
Development

No branches or pull requests
1 participant
@spring-projects-issues