1.

http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=

Request Method: POST

Status Code: 302 Found

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Content-Length: 290

Content-Type: application/x-www-form-urlencoded

Host: 192.168.1.220:6080

Origin: http://192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91

username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a

encrypted: true

----------------------------------

Content-Length: 0

Date: Sat, 08 Dec 2018 08:03:55 GMT

Location: http://192.168.1.220:6080/arcgis/admin/

Server:

Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly

Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

2.

http://192.168.1.220:6080/arcgis/admin/

Request URL: http://192.168.1.220:6080/arcgis/admin/

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Cache-Control: max-age=0

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/login

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

----------------------------------

Content-Length: 4246

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 08:03:55 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

3.

http://192.168.1.220:6080/arcgis/admin/machines

Request URL: http://192.168.1.220:6080/arcgis/admin/machines

Request Method: GET

Status Code: 200 OK

Remote Address: 192.168.1.220:6080

Referrer Policy: no-referrer-when-downgrade

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8

Accept-Encoding: gzip, deflate

Accept-Language: zh-CN,zh;q=0.9

Connection: keep-alive

Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..

Host: 192.168.1.220:6080

Referer: http://192.168.1.220:6080/arcgis/admin/

Upgrade-Insecure-Requests: 1

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36

-----------------------------------

Content-Length: 2566

Content-Type: text/html;charset=utf-8

Date: Sat, 08 Dec 2018 09:25:32 GMT

Server:

X-Frame-Options: SAMEORIGIN

X-XSS-Protection: 1; mode=block

4.获取认证

public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {

        String token = "";

        List<String> cookieTokenList = new LinkedList<String>();

        HttpPost httpPost = null;

        try {

            HttpClient httpClient = HttpClients.createDefault();   //HttpClientBuilder.create().   // new DefaultHttpClient();

            String tokenServiceUri = serverCredentialsInfo.getTokenServiceUri();

            httpPost = new HttpPost(tokenServiceUri);

            // 构造消息头

            //httpPost.setHeader("Referer", "*");

            httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

            //

            //

            List<NameValuePair> param = new ArrayList<NameValuePair>();

            param.add(new BasicNameValuePair("username",serverCredentialsInfo.getUsername()));

            param.add(new BasicNameValuePair("password",serverCredentialsInfo.getPassword()));

            param.add(new BasicNameValuePair("encrypted","false"));

            param.add(new BasicNameValuePair("f","json"));

            UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

            httpPost.setEntity(postEntity);

            //

            HttpResponse response = httpClient.execute(httpPost);

            // 检验返回码

            int statusCode = response.getStatusLine().getStatusCode();

            if(statusCode != HttpStatus.SC_OK){

                System.out.println("请求出错: "+statusCode);

            }else{

                System.out.println("---------------------------------------------------------------");

                for(Header header : response.getAllHeaders()){

                    System.out.println("Key : " + header.getName() + " ,Value : " + header.getValue());

                    if(header.getName().equals("Set-Cookie")){

                        String cookieValue = header.getValue();

                        cookieTokenList.add(cookieValue.split(";")[0]);

                    }

                }

                System.out.println("---------------------------------------------------------------");

                String content = EntityUtils.toString(response.getEntity());

                System.out.println(content);

            }

        } catch (Exception e) {

            e.printStackTrace();

        }finally{

            if(httpPost != null){

                try {

                    httpPost.releaseConnection();

                    Thread.sleep(500);

                } catch (InterruptedException e) {

                    e.printStackTrace();

                }

            }

        }

        return cookieTokenList;

    }

5.获取服务器信息

public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,

            Map<String, String> parameterMap) throws IOException {

        String content = null;

        /*

         * HttpPost httpPost = null; try { HttpClient httpClient =

         * HttpClients.createDefault(); httpPost = new HttpPost(url); // 构造消息头

         * //httpPost.setHeader("Referer", "*"); List<Header> headerList =

         * getHeader(headerMap); headerList.add(new BasicHeader("Content-Type",

         * "application/x-www-form-urlencoded")); Header[]

         * headers=headerList.toArray(new Header[headerList.size()]);

         * httpPost.setHeaders(headers); // // List<NameValuePair> param =

         * getParam(parameterMap); param.add(new BasicNameValuePair("f","json"));

         * UrlEncodedFormEntity postEntity = new UrlEncodedFormEntity(param, "UTF-8");

         * httpPost.setEntity(postEntity); // HttpResponse response =

         * httpClient.execute(httpPost);

         *

         * // 检验返回码 int statusCode = response.getStatusLine().getStatusCode();

         * if(statusCode != HttpStatus.SC_OK){ System.out.println("请求出错: "+statusCode);

         * }else{ System.out.println(

         * "---------------------------------------------------------------");

         * for(Header header : response.getAllHeaders()){ System.out.println("Key : " +

         * header.getName() + " ,Value : " + header.getValue()); } System.out.println(

         * "---------------------------------------------------------------"); content =

         * EntityUtils.toString(response.getEntity()); System.out.println(content); } }

         * catch (Exception e) { e.printStackTrace(); }finally{ if(httpPost != null){

         * try { httpPost.releaseConnection(); Thread.sleep(500); } catch

         * (InterruptedException e) { e.printStackTrace(); } } }

         */

        URL urlObj = new URL(url);

        HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();

        try {

            if (httpURLConnection instanceof HttpsURLConnection) {

                HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;

                SSLContext sc = SSLContext.getInstance("SSL");

                sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());

                httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());

                httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());

            }

        } catch (NoSuchAlgorithmException | KeyManagementException e) {

            e.printStackTrace();

        }

        httpURLConnection.setConnectTimeout(5000);

        httpURLConnection.setReadTimeout(10000);

        httpURLConnection.setRequestMethod("POST");

        //

        Iterator<Entry<String, String>> it = headerMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            httpURLConnection.setRequestProperty(parmEntry.getKey(), parmEntry.getValue());

        }

        //

        String formData = "f=json";

        it = parameterMap.entrySet().iterator();

        while (it.hasNext()) {

            Entry<String, String> parmEntry = it.next();

            formData += "&" + parmEntry.getKey() + "=" + URLEncoder.encode(parmEntry.getValue(), "UTF-8");

        }

        byte[] bytes = formData.getBytes("UTF-8");

        // if it is a POST request

        httpURLConnection.setRequestMethod("POST");

        httpURLConnection.setDoOutput(true);

        OutputStream outputStream = httpURLConnection.getOutputStream();

        outputStream.write(bytes);

        //

        InputStream inputStream = httpURLConnection.getInputStream();

        Reader reader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"));

        StringBuilder contentStringBuilder = new StringBuilder();

        char[] buffer = new char[5000];

        int n;

        while ((n = reader.read(buffer)) != -1) {

            contentStringBuilder.append(buffer, 0, n);

        }

        reader.close();

        content = contentStringBuilder.toString();

        return content;

    }

6.前端接口

@PostMapping(path = "/generateAdminToken")

    // @ResponseBody

    public ResultInfo generateAdminToken(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> token = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            resultInfo.setStatus(token == null ? "fail" : "success");

            resultInfo.setData(token);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

    @PostMapping(path = "/machines")

    // @ResponseBody

    public ResultInfo getMachines(@RequestParam String id) {

        ResultInfo resultInfo = new ResultInfo();

        try {

            GisServer gisServer = gisServerService.getById(id);

            TokenUtil tokenUtil = new TokenUtil();

            ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());

            serverCredentialsInfo.setUsername(gisServer.getUsername());

            serverCredentialsInfo.setPassword(gisServer.getPassword());

            serverCredentialsInfo.setTokenServiceUri(gisServer.getUrl()+"/admin/login");

            List<String> tokens = tokenUtil.getNewAdminToken(serverCredentialsInfo, gisServer.getUrl()+"/admin/login");

            //

            Map<String, String> headerMap = new HashMap<String, String>();

            headerMap.put("Cookie", StringUtils.join(tokens, ";"));

//            for(String token : tokens) {

//

//            }

            Map<String, String> cookieMap = new HashMap<String, String>();

            Map<String, String> parameterMap = new HashMap<String, String>();

            headerMap.put("f", "json");

            String content = ProxyUtil.httpRequest(gisServer.getUrl()+"/admin/machines", headerMap,  cookieMap, parameterMap);    

            resultInfo.setStatus(content == null ? "fail" : "success");

            resultInfo.setData(content);

//            if (result) {

//

//            }

        } catch (Exception e) {

            e.printStackTrace();

            resultInfo.setStatus("fail");

            resultInfo.setInfo(ExceptionUtil.getStackMsg(e));

        }

        return resultInfo;

    }

ArcGIS Server Rest 认证过程分析的更多相关文章

  1. 配置ArcGIS Server使用Windows AD Windows集成身份认证

    1.配置 ArcGIS Server 以使用 Windows Active Directory 用户和角色. 2.填写Windows域账号凭证,对账号的要求如下: 需要能读取域中的用户和组,一般从属于 ...

  2. 配置ArcGIS Server使用LDAP身份认证

    1.登陆ArcGIS Server Manager,修改站点的安全设置.选择用户和角色来自现有企业系统(LDAP或Windows域). 2.选择LDAP存储类型. 3.填写LDAP用户存储连接信息.主 ...

  3. 教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题)

    原文:教你发布Silverlight Bussiness Application(SQL Server 登录,局域网访问,以及使用ArcGIS Server服务需要注意的问题) 之前发布过Silver ...

  4. Arcgis, ArcEngine, Arcgis Server使用开发汇总 索引

    ArcGIS系列软件license及安装: Arcgis SDE10.1 和 Arcgis server10.1的授权文件license tnt_esri.dat Arcgis8.1安装license ...

  5. ArcGIS API for JavaScript(2)-ArcGIS Server发布要素图层服务

    1.前言 上一篇该系列的文章我们主要讲了一下基础Web地图搭建,这篇我们主要讲一下ArcGIS Server发布服务,并且如何调用服务.将自己的数据加载到Web地图当中来,实现Web端浏览数据. 2. ...

  6. ArcGIS Server开发教程系列(1) Arcgis server 10.1 的安装

    本系列所使用的软件版本如下: Windows 7 X64 / Windows server 2008 X64 Arcgis for Desktop 10.1 Arcgis 10.1 for serve ...

  7. ArcGIS Server开发教程系列(2)配置ARCMAP和ARCCatalog发布服务

    1.       Arc catalog的配置 打开catalog,如图新增刚刚创建的server 1. Use GIS services: 用户身份连接 使用此种连接,可以浏览.使用站点内发布的所有 ...

  8. ArcGIS Server开发教程系列(3)切片

    切片工作,我们可以一级一级的切,也可以,所有的一块切,Recreate All Tiles这项是说,在没有进行任何的切片工作时,可以选用这项:Recreate Empty Tiles这项是说,如果之前 ...

  9. ArcGIS Server开发教程系列(7)使用ArcGIS API for Javascript-Hello World

    ArcGIS API for Javascript  API下载地址:http://support.esrichina-bj.cn/2011/0223/960.html 选择最新的下载就好了,目前是3 ...

随机推荐

  1. 什么是RDD?

    顾名思义,从字面理解RDD就是 Resillient Distributed Dataset,即弹性分布式数据集. 它是Spark提供的核心抽象. RDD在抽象上来讲是一种抽象的分布式的数据集.它是被 ...

  2. shell if 条件判断

    condition='123' if [ -z condition]; then echo "condition 是空的" fi 字符串判断: = 两个字符串相等. != 两个字符 ...

  3. 从 moment -> nodejs -> sequelize -> postgres,你都得设置好时区

    背景 最近在做报表统计,因为 sequelize 的时区配置没加导致了统计数字对不上的问题. 问:大家都知道时区,但是你清楚 UTC 和 GMT 的区别吗? 答:UTC 是我们现在用的时间标准,GMT ...

  4. HoloLens开发手记 - 使用Windows设备控制台 Using Windows Device Portal

    Windows设备控制台允许你通过Wi-Fi或USB来远程控制你的HoloLens设备.设备控制台是HoloLens上的一个Web Server,你可以通过PC的浏览器来连接到它.设备控制台包含了很多 ...

  5. python unittest单元测试

    unittest单元测试框架:包含测试用例编写.测试收集\测试用例加载.执行测试用例.生成测试用例报告,同时,更提供了添加断言,异常处理等. 第一:创建测试类,创建测试用例 第二:收集测试用例,加载测 ...

  6. JavaScript中的 this全面解析

    上一章我们排除了一些对this的错误认识和知道了this是在调用函数时被绑定的,完全取决于函数的调用位置.先介绍两个概念:调用位置和调用栈. 调用栈:就是为了到达当前执行位置所调用的所有函数. 调用位 ...

  7. 基于httpclient的效率优化

    1.背景 我们有个业务,会调用其他部门提供的一个基于http的服务,日调用量在千万级别.使用了httpclient来完成业务.之前因为qps上不去,就看了一下业务代码,并做了一些优化,记录在这里. 先 ...

  8. HW2018校招研发笔试编程题

    1. 数字处理 题目描述:给出一个不多于5位的整数,进行反序处理,要求 (1)求出它是几位数 (2)分别输出每一个数字(空格隔开) (3)按逆序输出各位数字(仅数字间以空格间隔,负号与数字之间不需要间 ...

  9. html css 其他常用 onclick跳转

    opacity: 0.5. 0-1 透明度 cursor: pointer;手指 clear:both 清楚浮动 我是医生不是人 文本内容超出框word-wrap:break-word; word-b ...

  10. 3分钟学会git命令的基础使用

    前言废话 下面我们就来看看gitlab服务器搭建好(http://www.cnblogs.com/JeremyWYL/p/8258368.html) 之后,git命令的基础使用,基本上就能满足我们平时 ...