1.

http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request Method: POST

Status Code: 302 Found

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Content-Length: 290

Content-Type: application/x-www-form-urlencoded

Host: 192.168.1.220:6080

Origin: http://192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91

username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a

encrypted: true

----------------------------------

Content-Length: 0

Date: Sat, 08 Dec 2018 08:03:55 GMT

Location: http://192.168.1.220:6080/arcgis/admin/

Server:

Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly

Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

2.

http://192.168.1.220:6080/arcgis/admin/

Request URL: http://192.168.1.220:6080/arcgis/admin/

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

----------------------------------

Content-Length: 4246

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 08:03:55 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

3.

http://192.168.1.220:6080/arcgis/admin/machines

Request URL: http://192.168.1.220:6080/arcgis/admin/machines

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

-----------------------------------

Content-Length: 2566

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 09:25:32 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

4.获取认证

public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {

        String token = "";

        List<String> cookieTokenList = new LinkedList<String>();

        HttpPost httpPost = null;

        try {

            HttpClient httpClient = HttpClients.createDefault();   //HttpClientBuilder.create().   // new DefaultHttpClient();

            String tokenServiceUri = serverCredentialsInfo.getTokenServiceUri();

            httpPost = new HttpPost(tokenServiceUri);

            // 构造消息头

            //httpPost.setHeader("Referer", "*");

            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

            //

            //

            List<NameValuePair> param = new ArrayList<NameValuePair>();

            param.add(new BasicNameValuePair("username",serverCredentialsInfo.getUsername()));

            param.add(new BasicNameValuePair("password",serverCredentialsInfo.getPassword()));

            param.add(new BasicNameValuePair("encrypted","false"));

            param.add(new BasicNameValuePair("f","json"));

            UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

            httpPost.setEntity(postEntity);

            //

            HttpResponse response = httpClient.execute(httpPost);

            // 检验返回码

            int statusCode = response.getStatusLine().getStatusCode();

            if(statusCode != HttpStatus.SC_OK){

                System.out.println("请求出错: "+statusCode);

            }else{

                System.out.println("---------------------------------------------------------------");

                for(Header header : response.getAllHeaders()){

                    System.out.println("Key : " + header.getName() + " ,Value : " + header.getValue());

                    if(header.getName().equals("Set-Cookie")){

                        String cookieValue = header.getValue();

                        cookieTokenList.add(cookieValue.split(";")[0]);

                    }

                }

                System.out.println("---------------------------------------------------------------");

                String content = EntityUtils.toString(response.getEntity());

                System.out.println(content);

            }

        } catch (Exception e) {

            e.printStackTrace();

        }finally{

            if(httpPost != null){

                try {

                    httpPost.releaseConnection();

                    Thread.sleep(500);

                } catch (InterruptedException e) {

                    e.printStackTrace();

                }

            }

        }

        return cookieTokenList;

    }

5.获取服务器信息

public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,

            Map<String, String> parameterMap) throws IOException {

        String content = null;

        /*

         * HttpPost httpPost = null; try { HttpClient httpClient =

         * HttpClients.createDefault(); httpPost = new HttpPost(url); // 构造消息头

         * //httpPost.setHeader("Referer", "*"); List<Header> headerList =

         * getHeader(headerMap); headerList.add(new BasicHeader("Content-Type",

         * "application/x-www-form-urlencoded")); Header[]

         * headers=headerList.toArray(new Header[headerList.size()]);

         * httpPost.setHeaders(headers); // // List<NameValuePair> param =

         * getParam(parameterMap); param.add(new BasicNameValuePair("f","json"));

         * UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

         * httpPost.setEntity(postEntity); // HttpResponse response =

         * httpClient.execute(httpPost);

         *

         * // 检验返回码 int statusCode = response.getStatusLine().getStatusCode();

         * if(statusCode != HttpStatus.SC_OK){ System.out.println("请求出错: "+statusCode);

         * }else{ System.out.println(

         * "---------------------------------------------------------------");

         * for(Header header : response.getAllHeaders()){ System.out.println("Key : " +

         * header.getName() + " ,Value : " + header.getValue()); } System.out.println(

         * "---------------------------------------------------------------"); content =

         * EntityUtils.toString(response.getEntity()); System.out.println(content); } }

         * catch (Exception e) { e.printStackTrace(); }finally{ if(httpPost != null){

         * try { httpPost.releaseConnection(); Thread.sleep(500); } catch

         * (InterruptedException e) { e.printStackTrace(); } } }

         */

        URL urlObj = new URL(url);

        HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();

        try {

            if (httpURLConnection instanceof HttpsURLConnection) {

                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;

                SSLContext sc = SSLContext.getInstance("SSL");

                sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());

                httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());

                httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());

            }

        } catch (NoSuchAlgorithmException | KeyManagementException e) {

            e.printStackTrace();

        }

        httpURLConnection.setConnectTimeout(5000);

        httpURLConnection.setReadTimeout(10000);

        httpURLConnection.setRequestMethod("POST");

        //

        Iterator<Entry<String, String>> it = headerMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            httpURLConnection.setRequestProperty(parmEntry.getKey(), parmEntry.getValue());

        }

        //

        String formData = "f=json";

        it = parameterMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            formData += "&" + parmEntry.getKey() + "=" + URLEncoder.encode(parmEntry.getValue(), "UTF-8");

        }

        byte[] bytes = formData.getBytes("UTF-8");

        // if it is a POST request

        httpURLConnection.setRequestMethod("POST");

        httpURLConnection.setDoOutput(true);

        OutputStream outputStream = httpURLConnection.getOutputStream();

        outputStream.write(bytes);

        //

        InputStream inputStream = httpURLConnection.getInputStream();

        Reader reader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));

        StringBuilder contentStringBuilder = new StringBuilder();

        char[] buffer = new char[5000];

        int n;

        while ((n = reader.read(buffer)) != -1) {

            contentStringBuilder.append(buffer, 0, n);

        }

        reader.close();

        content = contentStringBuilder.toString();

        return content;

    }

6.前端接口

@PostMapping(path = "/generateAdminToken")

    // @ResponseBody

    public ResultInfo generateAdminToken(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> token = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            resultInfo.setStatus(token == null ? "fail" : "success");

            resultInfo.setData(token);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

    @PostMapping(path = "/machines")

    // @ResponseBody

    public ResultInfo getMachines(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> tokens = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            //

            Map<String, String> headerMap = new HashMap<String, String>();

            headerMap.put("Cookie", StringUtils.join(tokens, ";"));

//            for(String token : tokens) {

//

//            }

            Map<String, String> cookieMap = new HashMap<String, String>();

            Map<String, String> parameterMap = new HashMap<String, String>();

            headerMap.put("f", "json");

            String content = ProxyUtil.httpRequest(gisServer.getUrl()+"/admin/machines", headerMap,  cookieMap, parameterMap);    

            resultInfo.setStatus(content == null ? "fail" : "success");

            resultInfo.setData(content);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

ArcGIS Server Rest 认证过程分析的更多相关文章

  1. 配置ArcGIS Server使用Windows AD Windows集成身份认证

    1.配置 ArcGIS Server 以使用 Windows Active Directory 用户和角色. 2.填写Windows域账号凭证,对账号的要求如下: 需要能读取域中的用户和组,一般从属于 ...

  2. 配置ArcGIS Server使用LDAP身份认证

    1.登陆ArcGIS Server Manager,修改站点的安全设置.选择用户和角色来自现有企业系统(LDAP或Windows域). 2.选择LDAP存储类型. 3.填写LDAP用户存储连接信息.主 ...

  3. 教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题)

    原文:教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题) 之前发布过Silver ...

  4. Arcgis, ArcEngine, Arcgis Server使用开发汇总 索引

    ArcGIS系列软件license及安装: Arcgis SDE10.1 和 Arcgis server10.1的授权文件license tnt_esri.dat Arcgis8.1安装license ...

  5. ArcGIS API for JavaScript(2)-ArcGIS Server发布要素图层服务

    1.前言 上一篇该系列的文章我们主要讲了一下基础Web地图搭建,这篇我们主要讲一下ArcGIS Server发布服务,并且如何调用服务.将自己的数据加载到Web地图当中来,实现Web端浏览数据. 2. ...

  6. ArcGIS Server开发教程系列(1) Arcgis server 10.1 的安装

    本系列所使用的软件版本如下: Windows 7 X64 / Windows server 2008 X64 Arcgis for Desktop 10.1 Arcgis 10.1 for serve ...

  7. ArcGIS Server开发教程系列(2)配置ARCMAP和ARCCatalog发布服务

    1.       Arc catalog的配置 打开catalog,如图新增刚刚创建的server 1. Use GIS services: 用户身份连接 使用此种连接,可以浏览.使用站点内发布的所有 ...

  8. ArcGIS Server开发教程系列(3)切片

    切片工作,我们可以一级一级的切,也可以,所有的一块切,Recreate All Tiles这项是说,在没有进行任何的切片工作时,可以选用这项:Recreate Empty Tiles这项是说,如果之前 ...

  9. ArcGIS Server开发教程系列(7)使用ArcGIS API for Javascript-Hello World

    ArcGIS API for Javascript  API下载地址:http://support.esrichina-bj.cn/2011/0223/960.html 选择最新的下载就好了,目前是3 ...

随机推荐

  1. JavaScript中的定时事件

    这两个函数都是在给定的时间之后开始执行的,并不是立即执行. var timeId = window.setTimeout("method()",1000); //定时执行,还可以这 ...

  2. JS应用实例2:轮播图

    在学习轮播图之前,要先会切换图片: 找三张图片,命名1.jpg,2.jpg,3.jpg 示例: <!DOCTYPE html> <html> <head> < ...

  3. [CocoaPods]如何使用CocoaPods插件

    CocoaPods +插件 CocoaPods是一个由极少数维护者运营的社区项目,需要维护大量的表面区域.可以肯定地说CocoaPods永远不会支持Xcode支持的每个功能,即使这样,团队也必须对许多 ...

  4. Python模块学习 - fabric

    简介 fabric是一个Python的库,同时它也是一个命令行工具.使用fabric提供的命令行工具,可以很方便地执行应用部署和系统管理等操作. fabric依赖于paramiko进行ssh交互,fa ...

  5. Android分享内容和接收分享内容小小实现

    先来说说分享,毕竟没有分享何来接收分享可谈? 分享目前已实现的有两种方式:后台代码实现.ShareActionProvider实现,接着先说通过代码实现 Intent intent=new Inten ...

  6. [视频]K8飞刀 一键免杀 IE神洞网马教程

    [视频]K8飞刀 一键免杀 IE神洞网马教程 https://pan.baidu.com/s/16ZrTs

  7. 高手速成android开源项目【View篇】

    主要介绍那些不错个性化的View,包括ListView.ActionBar.Menu.ViewPager.Gallery.GridView.ImageView.ProgressBar及其他如Dialo ...

  8. volatile 关键字了解与使用

    前言 不管是在面试还是实际开发中 volatile 都是一个应该掌握的技能. 首先来看看为什么会出现这个关键字. 内存可见性 由于 Java 内存模型(JMM)规定,所有的变量都存放在主内存中,而每个 ...

  9. Java 动态生成 PDF 文件

    每片文章前来首小诗:   今日夕阳伴薄雾,印着雪墙笑开颜.我心仿佛出窗前,浮在半腰望西天.  --泥沙砖瓦浆木匠 需求: 项目里面有需要java动态生成 PDF 文件,提供下载.今天我找了下有关了,系 ...

  10. SQL优化经验总结

    一. 优化SQL步骤 1. 通过 show status和应用特点了解各种 SQL的执行频率    通过 SHOW STATUS 可以提供服务器状态信息,也可以使用 mysqladmin extend ...