Captcha not being displayed

Hello,

I recently enabled Captcha for users logging into XWiki. However, the image is not being displayed on the login page. Now I can’t login to XWiki anymore, not even with the Adminuser.

Is there any way to disable captcha in the configs?

I tried using different Browser without success.

The image (which is not displayed correctly) points to the following link:

http://myaddress/bin/jcaptcha/XWiki/XWikiLogin?type=image&engine=com.octo.captcha.engine.image.gimpy.DefaultGimpyEngine&cache-buster=1568615401135

Any ideas? I’m not sure what to do, can’t login to XWiki anymore at all.

I was able to login now by activating the superadmin. The problem still remains though. When I go to Users & Rights -> Authentication -> Failure Strategies I have to enable one of the two (Captcha or Disable Account). Can I temporarily disable the failure strategy until this problem is solved?

I have the same problem with he Captcha (both JCaptcha and reCAPTCHA).
When someone enters wrong password multiple times, Captcha image (JCaptcha) or the “I’m not a robot” (reCAPTCHA) should appear but not in my case.

I think the problem has to do with the nginx and the redirect http to https but i can’t find a solution.

So first of all, you can check if the CAPTCHA is displayed properly and configure it by going in the administration in Other > CAPTCHA. You should be able to fallback on a text captcha if the image captcha doesn’t work properly.

Now if you get stucked on login page because the CAPTCHA do not appear you have several options:

  1. restart the wiki (the counter of failure is not persistent in case of CAPTCHA strategy)
  2. login with superadmin and deactivate all failure strategies, you should be able to login again properly, but note that if you activate back the strategy and the CAPTCHA still don’t work, you’ll get stuck again at next login
  3. login with superadmin user, create a page in wiki mode, copy/paste the following code snippet and view the page to enable back the users who are blocked (you need the programming rights):
{{velocity}}
$services.security.authentication.resetAuthenticationFailureCounter("login")
{{/velocity}}

where login is the login you use to authenticate. This ensures to remove the data about login failures without needing to restart xwiki.

1 Like