1.

http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request Method: POST

Status Code: 302 Found

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Content-Length: 290

Content-Type: application/x-www-form-urlencoded

Host: 192.168.1.220:6080

Origin: http://192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91

username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a

encrypted: true

----------------------------------

Content-Length: 0

Date: Sat, 08 Dec 2018 08:03:55 GMT

Location: http://192.168.1.220:6080/arcgis/admin/

Server:

Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly

Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

2.

http://192.168.1.220:6080/arcgis/admin/

Request URL: http://192.168.1.220:6080/arcgis/admin/

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

----------------------------------

Content-Length: 4246

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 08:03:55 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

3.

http://192.168.1.220:6080/arcgis/admin/machines

Request URL: http://192.168.1.220:6080/arcgis/admin/machines

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

-----------------------------------

Content-Length: 2566

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 09:25:32 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

4.获取认证

public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {

        String token = "";

        List<String> cookieTokenList = new LinkedList<String>();

        HttpPost httpPost = null;

        try {

            HttpClient httpClient = HttpClients.createDefault();   //HttpClientBuilder.create().   // new DefaultHttpClient();

            String tokenServiceUri = serverCredentialsInfo.getTokenServiceUri();

            httpPost = new HttpPost(tokenServiceUri);

            // 构造消息头

            //httpPost.setHeader("Referer", "*");

            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

            //

            //

            List<NameValuePair> param = new ArrayList<NameValuePair>();

            param.add(new BasicNameValuePair("username",serverCredentialsInfo.getUsername()));

            param.add(new BasicNameValuePair("password",serverCredentialsInfo.getPassword()));

            param.add(new BasicNameValuePair("encrypted","false"));

            param.add(new BasicNameValuePair("f","json"));

            UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

            httpPost.setEntity(postEntity);

            //

            HttpResponse response = httpClient.execute(httpPost);

            // 检验返回码

            int statusCode = response.getStatusLine().getStatusCode();

            if(statusCode != HttpStatus.SC_OK){

                System.out.println("请求出错: "+statusCode);

            }else{

                System.out.println("---------------------------------------------------------------");

                for(Header header : response.getAllHeaders()){

                    System.out.println("Key : " + header.getName() + " ,Value : " + header.getValue());

                    if(header.getName().equals("Set-Cookie")){

                        String cookieValue = header.getValue();

                        cookieTokenList.add(cookieValue.split(";")[0]);

                    }

                }

                System.out.println("---------------------------------------------------------------");

                String content = EntityUtils.toString(response.getEntity());

                System.out.println(content);

            }

        } catch (Exception e) {

            e.printStackTrace();

        }finally{

            if(httpPost != null){

                try {

                    httpPost.releaseConnection();

                    Thread.sleep(500);

                } catch (InterruptedException e) {

                    e.printStackTrace();

                }

            }

        }

        return cookieTokenList;

    }

5.获取服务器信息

public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,

            Map<String, String> parameterMap) throws IOException {

        String content = null;

        /*

         * HttpPost httpPost = null; try { HttpClient httpClient =

         * HttpClients.createDefault(); httpPost = new HttpPost(url); // 构造消息头

         * //httpPost.setHeader("Referer", "*"); List<Header> headerList =

         * getHeader(headerMap); headerList.add(new BasicHeader("Content-Type",

         * "application/x-www-form-urlencoded")); Header[]

         * headers=headerList.toArray(new Header[headerList.size()]);

         * httpPost.setHeaders(headers); // // List<NameValuePair> param =

         * getParam(parameterMap); param.add(new BasicNameValuePair("f","json"));

         * UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

         * httpPost.setEntity(postEntity); // HttpResponse response =

         * httpClient.execute(httpPost);

         *

         * // 检验返回码 int statusCode = response.getStatusLine().getStatusCode();

         * if(statusCode != HttpStatus.SC_OK){ System.out.println("请求出错: "+statusCode);

         * }else{ System.out.println(

         * "---------------------------------------------------------------");

         * for(Header header : response.getAllHeaders()){ System.out.println("Key : " +

         * header.getName() + " ,Value : " + header.getValue()); } System.out.println(

         * "---------------------------------------------------------------"); content =

         * EntityUtils.toString(response.getEntity()); System.out.println(content); } }

         * catch (Exception e) { e.printStackTrace(); }finally{ if(httpPost != null){

         * try { httpPost.releaseConnection(); Thread.sleep(500); } catch

         * (InterruptedException e) { e.printStackTrace(); } } }

         */

        URL urlObj = new URL(url);

        HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();

        try {

            if (httpURLConnection instanceof HttpsURLConnection) {

                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;

                SSLContext sc = SSLContext.getInstance("SSL");

                sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());

                httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());

                httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());

            }

        } catch (NoSuchAlgorithmException | KeyManagementException e) {

            e.printStackTrace();

        }

        httpURLConnection.setConnectTimeout(5000);

        httpURLConnection.setReadTimeout(10000);

        httpURLConnection.setRequestMethod("POST");

        //

        Iterator<Entry<String, String>> it = headerMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            httpURLConnection.setRequestProperty(parmEntry.getKey(), parmEntry.getValue());

        }

        //

        String formData = "f=json";

        it = parameterMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            formData += "&" + parmEntry.getKey() + "=" + URLEncoder.encode(parmEntry.getValue(), "UTF-8");

        }

        byte[] bytes = formData.getBytes("UTF-8");

        // if it is a POST request

        httpURLConnection.setRequestMethod("POST");

        httpURLConnection.setDoOutput(true);

        OutputStream outputStream = httpURLConnection.getOutputStream();

        outputStream.write(bytes);

        //

        InputStream inputStream = httpURLConnection.getInputStream();

        Reader reader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));

        StringBuilder contentStringBuilder = new StringBuilder();

        char[] buffer = new char[5000];

        int n;

        while ((n = reader.read(buffer)) != -1) {

            contentStringBuilder.append(buffer, 0, n);

        }

        reader.close();

        content = contentStringBuilder.toString();

        return content;

    }

6.前端接口

@PostMapping(path = "/generateAdminToken")

    // @ResponseBody

    public ResultInfo generateAdminToken(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> token = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            resultInfo.setStatus(token == null ? "fail" : "success");

            resultInfo.setData(token);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

    @PostMapping(path = "/machines")

    // @ResponseBody

    public ResultInfo getMachines(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> tokens = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            //

            Map<String, String> headerMap = new HashMap<String, String>();

            headerMap.put("Cookie", StringUtils.join(tokens, ";"));

//            for(String token : tokens) {

//

//            }

            Map<String, String> cookieMap = new HashMap<String, String>();

            Map<String, String> parameterMap = new HashMap<String, String>();

            headerMap.put("f", "json");

            String content = ProxyUtil.httpRequest(gisServer.getUrl()+"/admin/machines", headerMap,  cookieMap, parameterMap);    

            resultInfo.setStatus(content == null ? "fail" : "success");

            resultInfo.setData(content);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

ArcGIS Server Rest 认证过程分析的更多相关文章

  1. 配置ArcGIS Server使用Windows AD Windows集成身份认证

    1.配置 ArcGIS Server 以使用 Windows Active Directory 用户和角色. 2.填写Windows域账号凭证,对账号的要求如下: 需要能读取域中的用户和组,一般从属于 ...

  2. 配置ArcGIS Server使用LDAP身份认证

    1.登陆ArcGIS Server Manager,修改站点的安全设置.选择用户和角色来自现有企业系统(LDAP或Windows域). 2.选择LDAP存储类型. 3.填写LDAP用户存储连接信息.主 ...

  3. 教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题)

    原文:教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题) 之前发布过Silver ...

  4. Arcgis, ArcEngine, Arcgis Server使用开发汇总 索引

    ArcGIS系列软件license及安装: Arcgis SDE10.1 和 Arcgis server10.1的授权文件license tnt_esri.dat Arcgis8.1安装license ...

  5. ArcGIS API for JavaScript(2)-ArcGIS Server发布要素图层服务

    1.前言 上一篇该系列的文章我们主要讲了一下基础Web地图搭建,这篇我们主要讲一下ArcGIS Server发布服务,并且如何调用服务.将自己的数据加载到Web地图当中来,实现Web端浏览数据. 2. ...

  6. ArcGIS Server开发教程系列(1) Arcgis server 10.1 的安装

    本系列所使用的软件版本如下: Windows 7 X64 / Windows server 2008 X64 Arcgis for Desktop 10.1 Arcgis 10.1 for serve ...

  7. ArcGIS Server开发教程系列(2)配置ARCMAP和ARCCatalog发布服务

    1.       Arc catalog的配置 打开catalog,如图新增刚刚创建的server 1. Use GIS services: 用户身份连接 使用此种连接,可以浏览.使用站点内发布的所有 ...

  8. ArcGIS Server开发教程系列(3)切片

    切片工作,我们可以一级一级的切,也可以,所有的一块切,Recreate All Tiles这项是说,在没有进行任何的切片工作时,可以选用这项:Recreate Empty Tiles这项是说,如果之前 ...

  9. ArcGIS Server开发教程系列(7)使用ArcGIS API for Javascript-Hello World

    ArcGIS API for Javascript  API下载地址:http://support.esrichina-bj.cn/2011/0223/960.html 选择最新的下载就好了,目前是3 ...

随机推荐

  1. JavaScript使用浏览器内置XML解析器解析DOM对象

    所有现代浏览器都内建了供读取和操作 XML 的 XML 解析器.解析器把 XML 转换为 XML DOM 对象 (可通过 JavaScript 操作的对象). 一.获取DOM对象 XMLHttpReq ...

  2. Java学习笔记38(字符流)

    字符输出流:Writer类:使用时候需要它的子类 局限性:只能写文本文件,无法写其他文件 方法: package demo; import java.io.FileWriter; import jav ...

  3. 开源性能测试工具Locust使用篇(三)

    脚本增强 面对较复杂的测试场景,我们可能还是会感觉无从下手:例如,很多时候脚本需要做关联或参数化处理,Locust中就不知道怎么实现了.可能也是这方面的原因,感觉难以将Locust应用到实际的性能测试 ...

  4. 机器学习技法笔记:16 Finale

    Roadmap Feature Exploitation Techniques Error Optimization Techniques Overfitting Elimination Techni ...

  5. python函数练习——个人信息修改

    修改个人信息程序 在一个文件里存多个人的个人信息,如以下 1.输入用户名密码,正确后登录系统 ,打印 1. 修改个人信息 2. 打印个人信息 3. 修改密码 2.每个选项写一个方法 3.登录时输错3次 ...

  6. Maven setting配置镜像仓库

    国内Maven镜像仓库值得收藏 1.配置IDE构建的Maven存放目录(解压目录) 2.配置IDE的User setting file路径,修改setting配置文件 配置本地仓库   <!-- ...

  7. Zabbix系列之二——添加监控主机步凑

    1.登录监控平台,配置——主机——创建主机 2.主机设置 3.添加模板

  8. 使用配置文件自定义Ribbon配置

    1.application.yml——Ribbon配置文件 debug: false spring: application: name: mcc-ribbon-properties cloud: c ...

  9. ArrayBlockingQueue 阻塞队列 生产者 与消费者案例

    package com.originalityTest; import java.net.UnknownHostException; import java.util.ArrayList; impor ...

  10. Mysql 5.7 基于组复制(MySQL Group Replication) - 运维小结

    之前介绍了Mysq主从同步的异步复制(默认模式).半同步复制.基于GTID复制.基于组提交和并行复制 (解决同步延迟),下面简单说下Mysql基于组复制(MySQL Group Replication ...