1.

http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request Method: POST

Status Code: 302 Found

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Content-Length: 290

Content-Type: application/x-www-form-urlencoded

Host: 192.168.1.220:6080

Origin: http://192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91

username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a

encrypted: true

----------------------------------

Content-Length: 0

Date: Sat, 08 Dec 2018 08:03:55 GMT

Location: http://192.168.1.220:6080/arcgis/admin/

Server:

Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly

Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

2.

http://192.168.1.220:6080/arcgis/admin/

Request URL: http://192.168.1.220:6080/arcgis/admin/

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

----------------------------------

Content-Length: 4246

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 08:03:55 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

3.

http://192.168.1.220:6080/arcgis/admin/machines

Request URL: http://192.168.1.220:6080/arcgis/admin/machines

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

-----------------------------------

Content-Length: 2566

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 09:25:32 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

4.获取认证

public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {

        String token = "";

        List<String> cookieTokenList = new LinkedList<String>();

        HttpPost httpPost = null;

        try {

            HttpClient httpClient = HttpClients.createDefault();   //HttpClientBuilder.create().   // new DefaultHttpClient();

            String tokenServiceUri = serverCredentialsInfo.getTokenServiceUri();

            httpPost = new HttpPost(tokenServiceUri);

            // 构造消息头

            //httpPost.setHeader("Referer", "*");

            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

            //

            //

            List<NameValuePair> param = new ArrayList<NameValuePair>();

            param.add(new BasicNameValuePair("username",serverCredentialsInfo.getUsername()));

            param.add(new BasicNameValuePair("password",serverCredentialsInfo.getPassword()));

            param.add(new BasicNameValuePair("encrypted","false"));

            param.add(new BasicNameValuePair("f","json"));

            UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

            httpPost.setEntity(postEntity);

            //

            HttpResponse response = httpClient.execute(httpPost);

            // 检验返回码

            int statusCode = response.getStatusLine().getStatusCode();

            if(statusCode != HttpStatus.SC_OK){

                System.out.println("请求出错: "+statusCode);

            }else{

                System.out.println("---------------------------------------------------------------");

                for(Header header : response.getAllHeaders()){

                    System.out.println("Key : " + header.getName() + " ,Value : " + header.getValue());

                    if(header.getName().equals("Set-Cookie")){

                        String cookieValue = header.getValue();

                        cookieTokenList.add(cookieValue.split(";")[0]);

                    }

                }

                System.out.println("---------------------------------------------------------------");

                String content = EntityUtils.toString(response.getEntity());

                System.out.println(content);

            }

        } catch (Exception e) {

            e.printStackTrace();

        }finally{

            if(httpPost != null){

                try {

                    httpPost.releaseConnection();

                    Thread.sleep(500);

                } catch (InterruptedException e) {

                    e.printStackTrace();

                }

            }

        }

        return cookieTokenList;

    }

5.获取服务器信息

public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,

            Map<String, String> parameterMap) throws IOException {

        String content = null;

        /*

         * HttpPost httpPost = null; try { HttpClient httpClient =

         * HttpClients.createDefault(); httpPost = new HttpPost(url); // 构造消息头

         * //httpPost.setHeader("Referer", "*"); List<Header> headerList =

         * getHeader(headerMap); headerList.add(new BasicHeader("Content-Type",

         * "application/x-www-form-urlencoded")); Header[]

         * headers=headerList.toArray(new Header[headerList.size()]);

         * httpPost.setHeaders(headers); // // List<NameValuePair> param =

         * getParam(parameterMap); param.add(new BasicNameValuePair("f","json"));

         * UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

         * httpPost.setEntity(postEntity); // HttpResponse response =

         * httpClient.execute(httpPost);

         *

         * // 检验返回码 int statusCode = response.getStatusLine().getStatusCode();

         * if(statusCode != HttpStatus.SC_OK){ System.out.println("请求出错: "+statusCode);

         * }else{ System.out.println(

         * "---------------------------------------------------------------");

         * for(Header header : response.getAllHeaders()){ System.out.println("Key : " +

         * header.getName() + " ,Value : " + header.getValue()); } System.out.println(

         * "---------------------------------------------------------------"); content =

         * EntityUtils.toString(response.getEntity()); System.out.println(content); } }

         * catch (Exception e) { e.printStackTrace(); }finally{ if(httpPost != null){

         * try { httpPost.releaseConnection(); Thread.sleep(500); } catch

         * (InterruptedException e) { e.printStackTrace(); } } }

         */

        URL urlObj = new URL(url);

        HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();

        try {

            if (httpURLConnection instanceof HttpsURLConnection) {

                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;

                SSLContext sc = SSLContext.getInstance("SSL");

                sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());

                httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());

                httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());

            }

        } catch (NoSuchAlgorithmException | KeyManagementException e) {

            e.printStackTrace();

        }

        httpURLConnection.setConnectTimeout(5000);

        httpURLConnection.setReadTimeout(10000);

        httpURLConnection.setRequestMethod("POST");

        //

        Iterator<Entry<String, String>> it = headerMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            httpURLConnection.setRequestProperty(parmEntry.getKey(), parmEntry.getValue());

        }

        //

        String formData = "f=json";

        it = parameterMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            formData += "&" + parmEntry.getKey() + "=" + URLEncoder.encode(parmEntry.getValue(), "UTF-8");

        }

        byte[] bytes = formData.getBytes("UTF-8");

        // if it is a POST request

        httpURLConnection.setRequestMethod("POST");

        httpURLConnection.setDoOutput(true);

        OutputStream outputStream = httpURLConnection.getOutputStream();

        outputStream.write(bytes);

        //

        InputStream inputStream = httpURLConnection.getInputStream();

        Reader reader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));

        StringBuilder contentStringBuilder = new StringBuilder();

        char[] buffer = new char[5000];

        int n;

        while ((n = reader.read(buffer)) != -1) {

            contentStringBuilder.append(buffer, 0, n);

        }

        reader.close();

        content = contentStringBuilder.toString();

        return content;

    }

6.前端接口

@PostMapping(path = "/generateAdminToken")

    // @ResponseBody

    public ResultInfo generateAdminToken(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> token = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            resultInfo.setStatus(token == null ? "fail" : "success");

            resultInfo.setData(token);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

    @PostMapping(path = "/machines")

    // @ResponseBody

    public ResultInfo getMachines(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> tokens = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            //

            Map<String, String> headerMap = new HashMap<String, String>();

            headerMap.put("Cookie", StringUtils.join(tokens, ";"));

//            for(String token : tokens) {

//

//            }

            Map<String, String> cookieMap = new HashMap<String, String>();

            Map<String, String> parameterMap = new HashMap<String, String>();

            headerMap.put("f", "json");

            String content = ProxyUtil.httpRequest(gisServer.getUrl()+"/admin/machines", headerMap,  cookieMap, parameterMap);    

            resultInfo.setStatus(content == null ? "fail" : "success");

            resultInfo.setData(content);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

ArcGIS Server Rest 认证过程分析的更多相关文章

  1. 配置ArcGIS Server使用Windows AD Windows集成身份认证

    1.配置 ArcGIS Server 以使用 Windows Active Directory 用户和角色. 2.填写Windows域账号凭证,对账号的要求如下: 需要能读取域中的用户和组,一般从属于 ...

  2. 配置ArcGIS Server使用LDAP身份认证

    1.登陆ArcGIS Server Manager,修改站点的安全设置.选择用户和角色来自现有企业系统(LDAP或Windows域). 2.选择LDAP存储类型. 3.填写LDAP用户存储连接信息.主 ...

  3. 教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题)

    原文:教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题) 之前发布过Silver ...

  4. Arcgis, ArcEngine, Arcgis Server使用开发汇总 索引

    ArcGIS系列软件license及安装: Arcgis SDE10.1 和 Arcgis server10.1的授权文件license tnt_esri.dat Arcgis8.1安装license ...

  5. ArcGIS API for JavaScript(2)-ArcGIS Server发布要素图层服务

    1.前言 上一篇该系列的文章我们主要讲了一下基础Web地图搭建,这篇我们主要讲一下ArcGIS Server发布服务,并且如何调用服务.将自己的数据加载到Web地图当中来,实现Web端浏览数据. 2. ...

  6. ArcGIS Server开发教程系列(1) Arcgis server 10.1 的安装

    本系列所使用的软件版本如下: Windows 7 X64 / Windows server 2008 X64 Arcgis for Desktop 10.1 Arcgis 10.1 for serve ...

  7. ArcGIS Server开发教程系列(2)配置ARCMAP和ARCCatalog发布服务

    1.       Arc catalog的配置 打开catalog,如图新增刚刚创建的server 1. Use GIS services: 用户身份连接 使用此种连接,可以浏览.使用站点内发布的所有 ...

  8. ArcGIS Server开发教程系列(3)切片

    切片工作,我们可以一级一级的切,也可以,所有的一块切,Recreate All Tiles这项是说,在没有进行任何的切片工作时,可以选用这项:Recreate Empty Tiles这项是说,如果之前 ...

  9. ArcGIS Server开发教程系列(7)使用ArcGIS API for Javascript-Hello World

    ArcGIS API for Javascript  API下载地址:http://support.esrichina-bj.cn/2011/0223/960.html 选择最新的下载就好了,目前是3 ...

随机推荐

  1. 开发微信小程序——古龙小说阅读器

    概述 由于面试的关系接触了一下微信小程序,花了2晚上开发了一个带书签功能的古龙小说阅读器,并且已经提交审核等待发布.这篇博文记录了我的开发过程和对微信小程序的看法,供以后开发时参考,相信对其他人也有用 ...

  2. struts2框架学习笔记2:配置详解

    核心配置文件: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE struts PUBLIC ...

  3. JS应用实例5:全选、动态添加

    HTML代码: <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <t ...

  4. apk文件md5校验之用好压对下载服务器测试[测试篇]

    往往稍微有点规模的公司,都会有一个独立下载服务器,那么,我还是简单说一下下载服务器的原理吧,首先后台上传文件或软件,然后web服务器通过定时脚本检测,如有变化,则将文件同步出去到下载服务器,源站数据库 ...

  5. 【Spark调优】数据本地化与参数调优

    数据本地化对于Spark Job性能有着巨大的影响,如果数据以及要计算它的代码是在一起的,那么性能当然会非常高.但是,如果数据和计算它的代码是分开的,那么其中之一必须到另外一方的机器上.移动代码到其匹 ...

  6. Typescript 学习笔记五:类

    中文网:https://www.tslang.cn/ 官网:http://www.typescriptlang.org/ 目录: Typescript 学习笔记一:介绍.安装.编译 Typescrip ...

  7. 分布式高性能消息系统(Kafka MQ)的原理与实践

    一.关于Kafka的一些概念和理解 Kafka是一个分布式的数据流平台,它基于独特日志文件形式,提供了高性能消息系统功能.也可以用于大数据流管道. Kafka维护了按目录划分的消息订阅源,称之为 To ...

  8. Zabbix系列之六——添加web监测

    zabbix提供了web监测功能,监控到站点的响应时间,还可以根据站点返回的状态码,或者响应时间做报警,列入服务保证官网确打不开等现象. 官网地址:https://www.zabbix.com/doc ...

  9. Netty精粹之轻量级内存池技术实现原理与应用

    摘要: 在Netty中,通常会有多个IO线程独立工作,基于NioEventLoop的实现,每个IO线程负责轮询单独的Selector实例来检索IO事件,当IO事件来临的时候,IO线程开始处理IO事件. ...

  10. jqgrid表头上面再加一行---二级表头

    实现效果如图,代码如下: $( "#table_list_1" ).jqGrid( 'setGroupHeaders' , { useColSpanStyle : true , / ...