ArcGIS Server Rest 認證過程分析
1.
http://192.168.1.220:6080/arcgis/admin/login?redirect=
Request URL: http://192.168.1.220:6080/arcgis/admin/login?redirect=
Request Method: POST
Status Code: 302 Found
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 290
Content-Type: application/x-www-form-urlencoded
Host: 192.168.1.220:6080
Origin:
Referer: http://192.168.1.220:6080/arcgis/admin/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36
password: 7a138ea2a5a0612e2f4418bc80dc0b7188f26d86abbeebd24b9448f5fcd4fa6f28644f150317f493decb8d8c14b121be40fc6dbbd072cd72b15302bd4349fc91
username: 6393efc202b63592a688d9dc3722676f5b08d39bf844e30f94351ae527592e076f78424f28f85ffbaef89c2f4bb5d34b4a591cebf9ffbaca5bd9753e5cb4a36a
encrypted: true
----------------------------------
Content-Length: 0
Date: Sat, 08 Dec 2018 08:03:55 GMT
Location: http://192.168.1.220:6080/arcgis/admin/
Server:
Set-Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; Version=1; HttpOnly
Set-Cookie: AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..; HttpOnly
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
2.
http://192.168.1.220:6080/arcgis/admin/
Request URL: http://192.168.1.220:6080/arcgis/admin/
Request Method: GET
Status Code: 200 OK
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cache-Control: max-age=0
Connection: keep-alive
Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6oy5zDie7gT7ra-HgydqVf3LnSFuPqhBC15cfE6aYx7Hp,AZ7rFFN477VEpmJFE-p6o9m-1pBqmpRtHWAl5-x4GO32g-SaSt78UH1ZktLfjOQHPZdJ1WhX2Jor0YLhQuCvSB8BAKiq9csAZEimJZ9J47A."; AGS_PRIVILEGE_TOKEN=jV6AxlQ-vteRvEcY7CKHsJlUjjr3owLQ-kAb6ySF0rJ5O3zTeHkQxyyv37PMnaPtvCfgfd-WoaZvfr4ilnZPrg..
Host: 192.168.1.220:6080
Referer: http://192.168.1.220:6080/arcgis/admin/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36
----------------------------------
Content-Length: 4246
Content-Type: text/html;charset=utf-8
Date: Sat, 08 Dec 2018 08:03:55 GMT
Server:
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
3.
http://192.168.1.220:6080/arcgis/admin/machines
Request URL: http://192.168.1.220:6080/arcgis/admin/machines
Request Method: GET
Status Code: 200 OK
Remote Address: 192.168.1.220:6080
Referrer Policy: no-referrer-when-downgrade
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: keep-alive
Cookie: AGS_ADMIN_TOKEN="AZ7rFFN477VEpmJFE-p6o1ZRCoo5aZoVNEGRr9HMX1IS7eFUMLoa-LpZKnqH2hEh,AZ7rFFN477VEpmJFE-p6o5VBUs_C5VWdtXxT865HRc_Nmkq7gSm82hl7SI3zs0JF3cWGgFyWN2Z9XYeT-QvjABYKP3fk42Q8mWQ2CIqh-T4."; AGS_PRIVILEGE_TOKEN=bGan0Kz6aO88LXMZsAEkfOow92lIXG3-Hur-7bYa5FZAjeOv_Kn6V2WqIgQxv10-4K0LwDACPDNx8ojUFnF75w..
Host: 192.168.1.220:6080
Referer: http://192.168.1.220:6080/arcgis/admin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36
-----------------------------------
Content-Length: 2566
Content-Type: text/html;charset=utf-8
Date: Sat, 08 Dec 2018 09:25:32 GMT
Server:
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
4.獲取認證
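/**
 * Logs in to the ArcGIS Server admin endpoint and collects the session cookies it issues.
 *
 * <p>Posts {@code username}, {@code password}, {@code encrypted=false} and {@code f=json} as a
 * URL-encoded form to {@code serverCredentialsInfo.getTokenServiceUri()} and returns the
 * {@code name=value} part of every {@code Set-Cookie} response header.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The password is posted with {@code encrypted=false}, exactly as returned by
 *       {@code getPassword()}. Over plain {@code http://} it is readable on the network, so the
 *       token service URI should be {@code https://}; a warning is printed when it is not.</li>
 *   <li>The returned cookie values are bearer credentials for the admin API. This method no
 *       longer prints response headers or the response body, so they do not end up in logs.</li>
 * </ul>
 *
 * @param serverCredentialsInfo supplies the token service URI, user name and password
 * @param url not used by this method; the request always goes to the token service URI
 * @return the {@code name=value} cookie pairs; an empty list (never {@code null}) when the
 *         request fails or the status is not 200
 * @throws IOException declared for callers; failures inside the request are caught and logged
 */
public List<String> getNewAdminToken(ServerCredentialsInfo serverCredentialsInfo, String url) throws IOException {
    List<String> cookieTokenList = new LinkedList<String>();
    HttpPost httpPost = null;
    HttpClient httpClient = null;
    try {
        httpClient = HttpClients.createDefault();
        String tokenServiceUri = serverCredentialsInfo.getTokenServiceUri();
        if (tokenServiceUri == null || !tokenServiceUri.regionMatches(true, 0, "https://", 0, 8)) {
            // Warn only: rejecting here would break existing http:// deployments.
            System.err.println("WARNING: admin login is not using https; credentials are sent in clear text");
        }
        httpPost = new HttpPost(tokenServiceUri);
        // Build the request headers.
        httpPost.setHeader("Content-Type", "application/x-www-form-urlencoded");

        List<NameValuePair> param = new ArrayList<NameValuePair>();
        param.add(new BasicNameValuePair("username", serverCredentialsInfo.getUsername()));
        param.add(new BasicNameValuePair("password", serverCredentialsInfo.getPassword()));
        param.add(new BasicNameValuePair("encrypted", "false"));
        param.add(new BasicNameValuePair("f", "json"));
        httpPost.setEntity(new UrlEncodedFormEntity(param, "UTF-8"));

        HttpResponse response = httpClient.execute(httpPost);
        // Check the status code.
        int statusCode = response.getStatusLine().getStatusCode();
        if (statusCode != HttpStatus.SC_OK) {
            System.out.println("請求出錯: " + statusCode);
        } else {
            // getHeaders matches the header name case-insensitively.
            for (Header header : response.getHeaders("Set-Cookie")) {
                String cookieValue = header.getValue();
                if (cookieValue == null) {
                    continue;
                }
                // Keep only "name=value"; attributes such as HttpOnly follow the first ';'.
                int end = cookieValue.indexOf(';');
                String pair = (end < 0 ? cookieValue : cookieValue.substring(0, end)).trim();
                if (!pair.isEmpty()) {
                    cookieTokenList.add(pair);
                }
            }
        }
        // Drain the body so the connection can be released; its content is not logged.
        EntityUtils.consume(response.getEntity());
    } catch (Exception e) {
        // Best effort, as before: the caller receives an empty list.
        e.printStackTrace();
    } finally {
        if (httpPost != null) {
            httpPost.releaseConnection();
        }
        if (httpClient instanceof java.io.Closeable) {
            try {
                ((java.io.Closeable) httpClient).close();
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
        if (httpPost != null) {
            try {
                // NOTE(review): pause kept from the original; its purpose is not evident here.
                Thread.sleep(500);
            } catch (InterruptedException e) {
                // Restore the interrupt flag so callers can still observe it.
                Thread.currentThread().interrupt();
            }
        }
    }
    return cookieTokenList;
}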
5.獲取伺服器資訊
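/**
 * Sends a form-encoded POST to {@code url} and returns the response body decoded as UTF-8.
 *
 * <p>The form always starts with {@code f=json}; every entry of {@code parameterMap} is appended
 * with both key and value URL-encoded. Every entry of {@code headerMap} is set as a request
 * header.
 *
 * <p>SECURITY: for {@code https} URLs the connection is configured with
 * {@code TrustAnyTrustManager} and {@code TrustAnyHostnameVerifier} (declared outside this
 * method). Going by their names they accept any certificate and any host name; if so, the server
 * is not authenticated and a Cookie header carrying admin tokens can be read or altered by
 * anyone on the network path. TODO(review): replace them with a trust store that contains the
 * ArcGIS server's CA and use the default host name verification.
 *
 * @param url target URL
 * @param headerMap request headers to set; may be {@code null}
 * @param cookieMap currently ignored; callers pass cookies through {@code headerMap}
 * @param parameterMap form fields appended after {@code f=json}; may be {@code null}
 * @return the response body
 * @throws IOException if the connection, the write or the read fails
 */
public static String httpRequest(String url, Map<String, String> headerMap, Map<String, String> cookieMap,
        Map<String, String> parameterMap) throws IOException {
    URL urlObj = new URL(url);
    HttpURLConnection httpURLConnection = (HttpURLConnection) urlObj.openConnection();
    if (httpURLConnection instanceof HttpsURLConnection) {
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection;
        try {
            // "TLS" instead of the legacy "SSL" context name.
            SSLContext sc = SSLContext.getInstance("TLS");
            // SECURITY: see the method comment; these two classes appear to disable verification.
            sc.init(null, new TrustManager[] { new TrustAnyTrustManager() }, new java.security.SecureRandom());
            httpsURLConnection.setSSLSocketFactory(sc.getSocketFactory());
            httpsURLConnection.setHostnameVerifier(new TrustAnyHostnameVerifier());
        } catch (NoSuchAlgorithmException | KeyManagementException e) {
            // The connection then keeps the JDK's default (verifying) TLS settings.
            e.printStackTrace();
        }
    }
    httpURLConnection.setConnectTimeout(5000);
    httpURLConnection.setReadTimeout(10000);
    httpURLConnection.setRequestMethod("POST");
    httpURLConnection.setDoOutput(true);

    if (headerMap != null) {
        for (Entry<String, String> headerEntry : headerMap.entrySet()) {
            httpURLConnection.setRequestProperty(headerEntry.getKey(), headerEntry.getValue());
        }
    }

    StringBuilder formData = new StringBuilder("f=json");
    if (parameterMap != null) {
        for (Entry<String, String> paramEntry : parameterMap.entrySet()) {
            String value = paramEntry.getValue() == null ? "" : paramEntry.getValue();
            // Encode the key as well, so '&' or '=' in a key cannot add or split form fields.
            formData.append('&')
                    .append(URLEncoder.encode(paramEntry.getKey(), "UTF-8"))
                    .append('=')
                    .append(URLEncoder.encode(value, "UTF-8"));
        }
    }
    byte[] bytes = formData.toString().getBytes("UTF-8");

    // try-with-resources closes the streams even when the write or the read throws.
    try (OutputStream outputStream = httpURLConnection.getOutputStream()) {
        outputStream.write(bytes);
    }

    StringBuilder contentStringBuilder = new StringBuilder();
    try (InputStream inputStream = httpURLConnection.getInputStream();
            Reader reader = new BufferedReader(new InputStreamReader(inputStream, "UTF-8"))) {
        char[] buffer = new char[5000];
        int n;
        while ((n = reader.read(buffer)) != -1) {
            contentStringBuilder.append(buffer, 0, n);
        }
    }
    return contentStringBuilder.toString();
}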
6.前端介面
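/**
 * Logs in to the GIS server registered under {@code id} and returns the admin session cookies.
 *
 * <p>SECURITY: the response body contains the ArcGIS admin cookies, which act as bearer
 * credentials for the admin API. NOTE(review): no authorization check is visible in this method;
 * confirm that the endpoint is restricted to administrators before exposing it.
 *
 * @param id identifier passed to {@code gisServerService.getById}
 * @return status {@code "success"} with the cookie list as data, or {@code "fail"}
 */
@PostMapping(path = "/generateAdminToken")
public ResultInfo generateAdminToken(@RequestParam String id) {
    ResultInfo resultInfo = new ResultInfo();
    try {
        GisServer gisServer = gisServerService.getById(id);
        if (gisServer == null) {
            resultInfo.setStatus("fail");
            resultInfo.setInfo("GIS server not found");
            return resultInfo;
        }
        List<String> token = loginToGisServer(gisServer);
        // An empty list means the login produced no cookies, so report it as a failure.
        resultInfo.setStatus(token == null || token.isEmpty() ? "fail" : "success");
        resultInfo.setData(token);
    } catch (Exception e) {
        e.printStackTrace();
        resultInfo.setStatus("fail");
        // Keep the stack trace in the server log only; it is not returned to the HTTP client.
        resultInfo.setInfo("Request to GIS server failed");
    }
    return resultInfo;
}

/**
 * Logs in to the GIS server registered under {@code id} and returns the response of its
 * {@code /admin/machines} resource.
 *
 * @param id identifier passed to {@code gisServerService.getById}
 * @return status {@code "success"} with the response body as data, or {@code "fail"}
 */
@PostMapping(path = "/machines")
public ResultInfo getMachines(@RequestParam String id) {
    ResultInfo resultInfo = new ResultInfo();
    try {
        GisServer gisServer = gisServerService.getById(id);
        if (gisServer == null) {
            resultInfo.setStatus("fail");
            resultInfo.setInfo("GIS server not found");
            return resultInfo;
        }
        List<String> tokens = loginToGisServer(gisServer);
        if (tokens == null || tokens.isEmpty()) {
            // Without session cookies the admin request cannot be authenticated.
            resultInfo.setStatus("fail");
            resultInfo.setInfo("Login to GIS server failed");
            return resultInfo;
        }

        Map<String, String> headerMap = new HashMap<String, String>();
        headerMap.put("Cookie", StringUtils.join(tokens, ";"));
        Map<String, String> cookieMap = new HashMap<String, String>();
        // f=json is a form field that ProxyUtil.httpRequest already adds; the original also
        // sent it as an HTTP header named "f", which is dropped here.
        Map<String, String> parameterMap = new HashMap<String, String>();

        String content = ProxyUtil.httpRequest(gisServer.getUrl() + "/admin/machines", headerMap, cookieMap,
                parameterMap);
        resultInfo.setStatus(content == null ? "fail" : "success");
        resultInfo.setData(content);
    } catch (Exception e) {
        e.printStackTrace();
        resultInfo.setStatus("fail");
        // Keep the stack trace in the server log only; it is not returned to the HTTP client.
        resultInfo.setInfo("Request to GIS server failed");
    }
    return resultInfo;
}

// Builds the credentials for gisServer and performs the admin login shared by both endpoints.
// NOTE(review): getPassword() yields a password that is posted as-is, which implies it is stored
// in recoverable form; confirm how it is protected at rest.
private List<String> loginToGisServer(GisServer gisServer) throws IOException {
    String loginUri = gisServer.getUrl() + "/admin/login";
    ServerCredentialsInfo serverCredentialsInfo = new ServerCredentialsInfo(gisServer.getUrl());
    serverCredentialsInfo.setUsername(gisServer.getUsername());
    serverCredentialsInfo.setPassword(gisServer.getPassword());
    serverCredentialsInfo.setTokenServiceUri(loginUri);
    return new TokenUtil().getNewAdminToken(serverCredentialsInfo, loginUri);
}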