PeopleSoft Technical Hub: February 2025

Thursday, February 27, 2025

Implement reCaptcha in PeopleSoft

Implementing reCAPTCHA in PeopleSoft involves integrating Google's reCAPTCHA service with PeopleSoft components, typically for login pages or custom forms to enhance security. Here's a step-by-step guide to implementing reCAPTCHA in PeopleSoft:

🛠 1. Register for reCAPTCHA

Go to Google reCAPTCHA.
Choose reCAPTCHA v2 ("I'm not a robot" Checkbox) or Invisible reCAPTCHA.
Register your site and get the Site Key and Secret Key.

📂 2. Add reCAPTCHA to PeopleSoft Page

Open Application Designer:
- Navigate to the component or page where you want to add reCAPTCHA.
Insert HTML Area:
- Add an HTML Area to the page.
HTML Code for reCAPTCHA:
- In HTML Object, add the following code:

<!DOCTYPE html>
<html>
<head>
  <script src="https://www.google.com/recaptcha/api.js" async defer></script>
</head>
<body>
  <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY"></div>
</body>
</html>

Replace "YOUR_SITE_KEY" with the Site Key from Google.

🧠 3. Backend Verification with PeopleCode

On form submission, verify the reCAPTCHA response using PeopleCode and a POST request to the reCAPTCHA API.
PeopleCode:

/* Get the reCAPTCHA response from the HTML form */
Local string &recaptchaResponse, &secretKey, &apiUrl, &postData, &response;
Local ApiObject &httpRequest, &httpResponse;

&recaptchaResponse = GetField(Field.YOUR_HTML_FIELD).Value; /* Replace with your HTML Area field name */
&secretKey = "YOUR_SECRET_KEY";
&apiUrl = "https://www.google.com/recaptcha/api/siteverify";

/* Prepare POST data */
&postData = "secret=" | &secretKey | "&response=" | &recaptchaResponse;

/* Make HTTP POST request */
&httpRequest = CreateObject("PeopleSoft.HttpClient");
&httpRequest.SetHeader("Content-Type", "application/x-www-form-urlencoded");
&httpRequest.Post(&apiUrl, &postData);

/* Get the response */
&httpResponse = &httpRequest.ResponseText;

/* Parse the response */
If Find("true", &httpResponse) > 0 Then
   MessageBox(0, "", 0, 0, "reCAPTCHA verification successful!");
Else
   MessageBox(0, "", 0, 0, "Please verify that you are not a robot.");
   /* Optionally, prevent further processing */
   Exit(1);
End-If;

4. Test the reCAPTCHA Integration

Clear Cache and Compile the page/component.
Open the page in the browser, complete the reCAPTCHA, and submit the form.
Ensure the verification process is working correctly.
Here's a simple JavaScript code to dynamically generate a 6-digit CAPTCHA displayed in a box-like image style using HTML Canvas. This approach makes the CAPTCHA non-selectable and slightly distorted to enhance security.

🚦 Example Output:

A randomly generated CAPTCHA (e.g., 8F6A2Z) will be displayed in a styled box with a refresh button.

🧾 Code Implementation:

<!DOCTYPE html>

<html lang="en">

<head>

<meta charset="UTF-8">

<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>Dynamic CAPTCHA Generator</title>

<style>

.captcha-container {

display: flex;

align-items: center;

gap: 10px;

}

canvas {

border: 2px solid #ddd;

border-radius: 5px;

background-color: #f9f9f9;

}

.refresh-btn {

padding: 5px 10px;

border: none;

background-color: #4caf50;

color: white;

cursor: pointer;

border-radius: 5px;

transition: background-color 0.3s;

}

.refresh-btn:hover {

background-color: #45a049;

}

</style>

</head>

<body>

<div class="captcha-container">

<canvas id="captchaCanvas" width="150" height="50"></canvas>

<button class="refresh-btn" onclick="generateCaptcha()">Refresh</button>

</div>

<script>

function generateCaptcha() {

const canvas = document.getElementById('captchaCanvas');

const ctx = canvas.getContext('2d');

const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';

let captchaText = '';

// Generate random 6-character CAPTCHA

for (let i = 0; i < 6; i++) {

captchaText += chars.charAt(Math.floor(Math.random() * chars.length));

}

// Draw background

ctx.fillStyle = '#f9f9f9';

ctx.fillRect(0, 0, canvas.width, canvas.height);

// Add random lines for distortion

for (let i = 0; i < 5; i++) {

ctx.strokeStyle = `rgba(${Math.floor(Math.random() * 255)}, ${Math.floor(Math.random() * 255)}, ${Math.floor(Math.random() * 255)}, 0.7)`;

ctx.beginPath();

ctx.moveTo(Math.random() * canvas.width, Math.random() * canvas.height);

ctx.lineTo(Math.random() * canvas.width, Math.random() * canvas.height);

ctx.stroke();

}

// Draw CAPTCHA text

ctx.font = '30px Arial';

ctx.fillStyle = '#333';

ctx.setTransform(1, Math.random() * 0.2, Math.random() * 0.2, 1, Math.random() * 5, Math.random() * 5);

ctx.fillText(captchaText, 25, 35);

ctx.setTransform(1, 0, 0, 1, 0, 0); // Reset transform

// Store CAPTCHA text for validation

document.getElementById('captchaCanvas').dataset.captcha = captchaText;

}

// Generate initial CAPTCHA on page load

window.onload = generateCaptcha;

</script>

</body>

</html>

OpenSSH keys(Private & Public) setup to authorize users for ssh, sftp, scp etc.

Make OpenSSH keys for password less authentication for ssh, sftp, scp etc.

Create OpenSSH keys as a user.

1. Please Log in to source server (SOURCE1) as the user (hmahanta) you will be using the keys for.
2. Check to see if there is a public key there already:
SOURCE1>$/home/hmahanta>cd .ssh
SOURCE1>$/home/hmahanta/.ssh>ls -al
total 48
drwx------ 2 hmahanta hmahantagrp 256 Mar 21 23:50 ./
drwxr-xr-x 11 hmahanta hmahantagrp 8192 Mar 21 13:39 ../
-rw-r--r-- 1 hmahanta hmahantagrp 796 Mar 22 10:04 authorized_keys
-rw------- 1 hmahanta hmahantagrp 1671 Mar 21 23:50 id_rsa
-rw-r----- 1 hmahanta hmahantagrp 399 Mar 21 23:50 id_rsa.pub
-rw-r--r-- 1 hmahanta hmahantagrp 2014 Mar 22 09:44 known_hosts

Important Note: if files id_rsa, id_rsa.pub exists then do not generate new keys

3. Only if the .ssh directory does not exist, or if the the file id_rsa and id_rsa.pub do not exist, then type “ssh-keygen” and accept the defaults. No need to type a password.

SOURCE1>$/home/hmahanta> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/hmahanta/.ssh/id_rsa):
Created directory '/home/hmahanta/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/hmahanta/.ssh/id_rsa.
Your public key has been saved in /home/hmahanta/.ssh/id_rsa.pub.
The key fingerprint is:
0f:21:c9:70:be:9a:36:fa:e1:04:4a:ea:5e:6f:98:63

4. This will create your key files
SOURCE1>$ ls -l
total 24
-rw------- 1 hmahanta staff 1671 Feb 24 15:40 id_rsa
-rw-r--r-- 1 hmahanta staff 398 Feb 24 15:40 id_rsa.pub

5. Use cat to get your public key. Note: this is a single line, may not look like it, but it is and has to be.

/home/hmahanta>$cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4XPgwlGdU5WBkNwUw2TzESY1jw9brCO33h5Lh306c5U/HGXHmM9ReKs9Cwqm5BAX2+qYNjxWAKSXb2+O18zrcGTY+gDWc/XaKovmCsHEeOq8JIteW6yf2BrKo0OfX4I8cPNgY2xHyplD86GOis026d0zxA6KJz6EZf1zllXzG+IVapkemc/QeLRiE89GMKqnwKZieez69Y+6PpT5KwQTomaXWjCRBQgpsEiIhOfAFs8q1TxibUbppoeM3jMj5M0sWG52Q== hmahanta@SOURCE1

6. This text has to be copied in to a file called authorized_keys in the users ~/.ssh directory on the target server TARGET1.

7. Connect to the target server TARGET1 as the same user hmahanta.
SOURCE1> ssh TARGET1
The authenticity of host 'TARGET1 (10.6.5.92)' can't be established.
RSA key fingerprint is 63:fe:10:d1:7a:43:65:e0:35:cf:eb:79:41:45:a4:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'TARGET1,10.6.5.92' (RSA) to the list of known hosts.
hmahanta@TARGET1's password: (type in the users password here)

8. Again test to see if a public key exists:
TARGET1>$cd .ssh
TARGET1>$ls -al
total 48
drwx------ 2 hmahanta hmahanta 256 Mar 21 23:50 ./
drwxr-xr-x 11 hmahanta hmahanta 8192 Mar 21 13:39 ../
-rw------- 1 hmahanta hmahanta 1671 Mar 21 23:50 id_rsa
-rw-r----- 1 hmahanta hmahanta 399 Mar 21 23:50 id_rsa.pub
-rw-r--r-- 1 hmahanta hmahanta 2014 Mar 22 09:44 known_hosts

9. Again only if the .ssh directory does not exist, or if the the file id_rsa and id_rsa.pub do not exist, then type “ssh-keygen” and accept the defaults. No need to type a password.

10. Change directory to ~/.ssh
TARGET1>$ cd ~/.ssh
TARGET1>$ pwd
TARGET1>$/home/hmahanta/.ssh

11. Cat the id_rsa.pub file to get the public key from SOURCE1 server
Paste that key in the authorized_keys file from step 5 on Target TARGET1 server. Be sure that it is all on one line and there are no blanks lines following the key. The rule is one key per line.
SOURCE1>cat id_rsa.pub
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA4G8HtHKwRSN2dWYv9/lpUBNjPrR7Pw2BJ5Mxraq2Pa3mZsLzO6pXSq/tBVN/s9upEe0T8LIZJJ9M40FR0RDncB5yXwW6T+dML+1bIlcag31o8OMqBS1+6VR
+sONgnWYSFiIJ2RyVHcZVd4GIDhSFdTb4/qNZ804is4rNS2AkRvo30VvhB3QVTFuGOO1rdBNnBv8WqhwvYmgFKQJQtcNEQGepKYrvp8U7PjrEJjhGvUdX+TBl1l3saYJub7UB42cAM+INpaZeIscT/Ujtgj3l727O3jPx7ed7STsNb/WshrKc2+N6R/UF74tkpdAzzAG4t4WXvA4iSdqeS98olTsAjQ== hmahanta@SOURCE1

TARGET1>vi authorized_keys
(you can use your favorite editor here, when done you should be able to see the new key in the file cut and paste in the key from `cat id_pub.rsa)

TARGET1>cat authorized_keys

ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6I0tmsbDh7o7uDDvg/IQYODVT48xEfh1LKQULiPq4CpXknMF+nDDm6Yb63z6jF6rPrQkUIOLCQzWh7erR2JvdWjH94UBQrsoAGJJKuEp9lnedOd7OPG17Ao3n+BXsk4AsaeehJTuZV4iKPq0qRSGbdNNrCaYzkv== hmahanta@ABCD2
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAxAX0SBOYI30xo46Mutf1r/Izv8oaDMaBKjP+DU03krZsvVrQ220ttkQGwdsTxn0/NmYgTrw+n01PYOsBgygiPplTaf+8K5CrEJJpYDQ34Fmsc9z+H7bR9/ciWGhFElVF65fu0v+QjBAiocheokYWnfAo24GEkJtHd3v/BA/ITNbxL9zCONA+C9RcQ== hmahanta@TARGET1
ssh-rsa AAAB3NzaC1yc2EAAAABIwAAAQEA4G8HtHKwRSN2dWYv9/lpUBNjPrR7Pw2BJ5Mxraq2Pa3mZsLzO6pXSq/tBVN/s9upEe0T8LIZJJ9M40FR0RDncB5yXwW6T+dML+1bIlcag31o8OMqBS1+6VR
+INpaZeIscT/Ujtgj3l72N6R/UF74tkpdAzzAG4t4WXvA4iSdqeS98olTsAjQ== hmahanta@SOURCE1

12. Save the authorized_keys file

13. OpenSSH is very picky about permissions of files and directories. Make sure that the authorized_keys file has the correct permissions:
TARGET1>$chmod 644 authorized_keys
Make sure .ssh directory has correct permissions
TARGET1>$ls -ald .ssh
drwx--S--- 2 hmahanta hmahanta 256 Mar 22 02:38 .ssh
TARGET1>$chmod 0700 .ssh
TARGET1>$ls -ald .ssh
drwx------ 2 hmahanta hmahanta 256 Mar 22 02:38 .ssh
Finally make sure the users home directory has the proper permissions
TARGET1>$pwd
/home1/dmlprd173/hmahanta
TARGET1>$ls -ald .
drwxr-sr-x 4 hmahanta hmahanta 4096 Mar 23 11:32 .
TARGET1>$chmod 0755 /home1/dmlprd173/hmahanta
TARGET1>$ls -ald .
drwxr-xr-x 4 hmahanta hmahanta 4096 Mar 23 11:32 .

Logout of the TARGET1 server.

14. Now, back on the source server, login as the same user hmahanta, type “ssh TARGET1”. You will be asked to verify the identity of the server since it is the

first time connecting using openssh, answer yes to the question, you should only have to do this only once.

SOURCE1> ssh TARGET1
The authenticity of host 'TARGET1 (10.6.5.92)' can't be established.
RSA key fingerprint is 63:fe:10:d1:7a:43:65:e0:35:cf:eb:79:41:45:a4:e7.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'TARGET1,10.6.5.92' (RSA) to the list of known hosts.

$ That's all you can connect to TARGET1 server from SOURCE1 server without entering a password now on.
If you want to make the reverse password less connectivity(TARGET1 to SOURCE1) then just add TARGET1 server's public key to SOURCE1 server's authorized_keys file.

15. That’s all. Repeat for any additional hosts.

PeopleSoft Technical Hub