I have a Web Application (Vaadin for the client, resteasy with jetty in the backend) which has a register button. I would like to make sure only humans can register.
When the user connects to my server for registration (e.g. myhost.com/register), i need to somehow create an image and a challenge. I am wondering how such a flow could look like.
1) user connects to myhost.com/register -> i need to create an image and the challenge and store it somewhere with some kind of identifier to identify this user
2) the user enters some text and the captcha challenge and hits enter -> i verify (where?) the captcha and the challenge (based on some ID - but what id could i use)
3) when the user enters a wrong captcha, it should be re-generated -> same problem as on 1 and 2 - where to store captcha/challenge and identifier for that?
I dont like using something like reCAPTCHA as it collects a lot of information about users which visit my page. I dont like that.
Maybe someone can give me a hint