Java 让应用程序以编程方式登录到启用SSO的远程Oracle Fusion应用程序
我试图模拟一个人登录到某个受SSO保护的Oracle Fusion应用程序 所以我的第一反应是做一些表格抓取来实现这一点,保存cookies,然后发送它们,然而,我似乎在某个地方被拒绝了 我对如何使用篡改数据完成登录过程做了一些分析,到目前为止,我认为我一切都很好(我发送了所有正确的cookie和大多数标题),所以我不知道我遗漏了什么 请告知 这是我的密码:Java 让应用程序以编程方式登录到启用SSO的远程Oracle Fusion应用程序,java,oracle,single-sign-on,oracle-fusion-apps,Java,Oracle,Single Sign On,Oracle Fusion Apps,我试图模拟一个人登录到某个受SSO保护的Oracle Fusion应用程序 所以我的第一反应是做一些表格抓取来实现这一点,保存cookies,然后发送它们,然而,我似乎在某个地方被拒绝了 我对如何使用篡改数据完成登录过程做了一些分析,到目前为止,我认为我一切都很好(我发送了所有正确的cookie和大多数标题),所以我不知道我遗漏了什么 请告知 这是我的密码: //first I do a request to my report on OBIEE java.net.URL u = new URL
//first I do a request to my report on OBIEE
java.net.URL u = new URL(null, "https://happyhost.domain/analytics/saw.dll?Go&Path=OpportunitiesReport&format=XML&jsonDataFormat=rowset&ViewName=tableView!1&rowsPerPage=9999999999&SyncOperation=1",new sun.net.www.protocol.https.Handler());
URLConnection uc = u.openConnection();
HttpsURLConnection connection = (HttpsURLConnection)uc;
connection.setRequestProperty("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:20.0) Gecko/20100101 Firefox/20.0");
connection.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
connection.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
connection.setRequestProperty("Accept-Decoding", "gzip, deflate");
//read the response
BufferedReader in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
//save the cookies to a HashMap (that's what the HttpCookies class is)
String headerName=null;
for (int i=1; (headerName = uc.getHeaderFieldKey(i))!=null; i++) {
if (headerName.equals("Set-Cookie")) {
HttpCookies.addCookieFromHeader(uc.getHeaderField(i));
}
System.out.println(headerName +": "+uc.getHeaderField(i)+"\n");
}
System.out.println("Sending the following cookies: "+HttpCookies.getCookiesString());
result = result + "Sending the following cookies: "+HttpCookies.getCookiesString()+"\n";
String fetchedContent = "";
String inputLine;
while ((inputLine = in.readLine()) != null) {
fetchedContent = fetchedContent + inputLine;
}
System.out.println(fetchedContent);
result = result + "we downloaded"+ fetchedContent + "\n";
in.close();
String txt = fetchedContent;
HashMap<String,String> parametersMap = new HashMap<String,String>();
String re1="(<)"; // Any Single Character 1
String re2="(input)"; // Word 1
String re3="(.*?)"; // Non-greedy match on filler
String re11="(>)"; // Any Single Character 4
Pattern p = Pattern.compile(re1+re2+re3+re11,Pattern.CASE_INSENSITIVE | Pattern.DOTALL);
Matcher m = p.matcher(txt);
String parameters = "";
while (m.find())
{
String c1=m.group(3);
String re4="(name)"; // Word 3
String re5="(=)"; // Any Single Character 3
String re6="([\"']?([^'\" ]+)[\"']?)"; // Double Quote String 2
Pattern p3 = Pattern.compile(re4+re5+re6,Pattern.CASE_INSENSITIVE | Pattern.DOTALL);
Matcher m3 = p3.matcher(c1);
String name = "";
if(m3.find())
{
name = m3.group(3).replaceAll("\"", "");
}
String re8="(VALUE)"; // Word 3
String re9="(=)"; // Any Single Character 3
String re10="([\"']?([^'\" ]+)[\"']?)"; // Double Quote String 2
Pattern p2 = Pattern.compile(re8+re9+re10,Pattern.CASE_INSENSITIVE | Pattern.DOTALL);
Matcher m2 = p2.matcher(c1);
String value;
if(m2.find())
{
value = m2.group(3).replaceAll("\"", "");
parametersMap.put(name,value);
if(name.equals("request_id")) {
String[] bits = value.split(";");
parametersMap.put(name,bits[bits.length-1]);
}
}
}
for(String key : parametersMap.keySet())
{
parameters = parameters + key+"="+parametersMap.get(key)+"&";
}
System.out.println("we are at "+uc.getURL());
result = result + "we are at "+uc.getURL() + "\n";
txt= uc.getURL().toString();
re1="(https)"; // Word 1
re2="(:)"; // Any Single Character 1
re3="(\\/)"; // Any Single Character 2
String re4="(\\/)"; // Any Single Character 3
String re5="((?:[a-z][a-z\\.\\d\\-]+)\\.(?:[a-z][a-z\\-]+))(?![\\w\\.])"; // Fully Qualified Domain Name 1
String re6="(:)"; // Any Single Character 4
String re7="(\\d+)"; // Integer Number 1
String re8="(\\/)"; // Any Single Character 5
String re9=".*?"; // Non-greedy match on filler
String re10="(b)"; // Any Single Character 6
p = Pattern.compile(re1+re2+re3+re4+re5+re6+re7+re8+re9+re10,Pattern.CASE_INSENSITIVE | Pattern.DOTALL);
m = p.matcher(txt);
String authServer = "";
if (m.find())
{
String word1=m.group(1);
String c1=m.group(2);
String c2=m.group(3);
String c3=m.group(4);
String fqdn1=m.group(5);
String c4=m.group(6);
String int1=m.group(7);
String c5=m.group(8);
String c6=m.group(9);
System.out.print("matched redirect "+word1.toString()+c1.toString()+c2.toString()+c3.toString()+fqdn1.toString()+c4.toString()+int1.toString());
authServer = word1.toString()+c1.toString()+c2.toString()+c3.toString()+fqdn1.toString();
}
parameters = parameters + "&userid="+username+"&password="+password;
System.out.println("\n\nSending paramenters:" + parameters+"\n\n");
System.out.println("\nSending to:" + authServer+"/oam/server/auth_cred_submit");
u = new URL(null, authServer+"/oam/server/auth_cred_submit",new sun.net.www.protocol.https.Handler());
uc = u.openConnection();
connection = (HttpsURLConnection)uc;
connection.setDoOutput(true);
connection.setDoInput(true);
connection.setInstanceFollowRedirects(true);
connection.setRequestProperty("Cookie", HttpCookies.getCookiesString());
connection.setRequestMethod("POST");
//connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
//connection.setRequestProperty("charset", "utf-8");
connection.setRequestProperty("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:20.0) Gecko/20100101 Firefox/20.0");
//connection.setRequestProperty("Content-Length", "" + Integer.toString(parameters.getBytes().length));
connection.setUseCaches (false);
DataOutputStream wr = new DataOutputStream(connection.getOutputStream ());
wr.writeBytes(parameters);
wr.flush();
wr.close();
connection.disconnect();
in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
headerName=null;
for (int i=1; (headerName = uc.getHeaderFieldKey(i))!=null; i++) {
if (headerName.equals("Set-Cookie")) {
HttpCookies.addCookieFromHeader(uc.getHeaderField(i));
}
}
fetchedContent = "";
while ((inputLine = in.readLine()) != null) {
fetchedContent = fetchedContent + inputLine;
}
System.out.println(fetchedContent);
in.close();
result = result + fetchedContent + "\n";
System.out.println("------------------------------");
u = new URL(null, "https://" + Settings.getInstance().getCrmHost()+"/analytics/saw.dll?Go&Path=%2Fshared%2FMobilytics%2FOpportunities&format=XML&jsonDataFormat=rowset&ViewName=tableView!1&rowsPerPage=9999999999&SyncOperation=1",new sun.net.www.protocol.https.Handler());
uc = u.openConnection();
connection = (HttpsURLConnection)uc;
connection.setRequestProperty("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:20.0) Gecko/20100101 Firefox/20.0");
connection.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
connection.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
connection.setRequestProperty("Accept-Decoding", "gzip, deflate");
in = new BufferedReader(new InputStreamReader(uc.getInputStream()));
headerName=null;
for (int i=1; (headerName = uc.getHeaderFieldKey(i))!=null; i++) {
if (headerName.equals("Set-Cookie")) {
HttpCookies.addCookieFromHeader(uc.getHeaderField(i));
}
System.out.println(headerName +": "+uc.getHeaderField(i)+"\n");
}
System.out.println("Sending the following cookies: "+HttpCookies.getCookiesString());
result = result + "Sending the following cookies: "+HttpCookies.getCookiesString()+"\n";
fetchedContent = "";
inputLine = "";
while ((inputLine = in.readLine()) != null) {
fetchedContent = fetchedContent + inputLine;
}
System.out.println(fetchedContent);
result = result + "we downloaded"+ fetchedContent + "\n";
//首先我请求我的OBIEE报告
java.net.URL u=新URL(空,“https://happyhost.domain/analytics/saw.dll?Go&Path=OpportunitiesReport&format=XML&jsonDataFormat=rowset&ViewName=tableView!1&rowsPerPage=9999999999&SyncOperation=1“,new sun.net.www.protocol.https.Handler());
URLConnection uc=u.openConnection();
HttpsURLConnection连接=(HttpsURLConnection)uc;
connection.setRequestProperty(“用户代理”、“Mozilla/5.0(Macintosh;英特尔Mac OS X 10.8;rv:20.0)Gecko/20100101 Firefox/20.0”);
setRequestProperty(“Accept”,“text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8”);
setRequestProperty(“接受语言”,“en-US,en;q=0.5”);
setRequestProperty(“接受解码”、“gzip、deflate”);
//阅读回复
BufferedReader in=新的BufferedReader(新的InputStreamReader(uc.getInputStream());
//将cookies保存到HashMap(这就是HttpCookies类)
字符串headerName=null;
for(int i=1;(headerName=uc.getHeaderFieldKey(i))!=null;i++){
if(headerName.equals(“设置Cookie”)){
HttpCookies.addCookieFromHeader(uc.getHeaderField(i));
}
System.out.println(headerName+“:“+uc.getHeaderField(i)+”\n”);
}
System.out.println(“发送以下cookies:+HttpCookies.getCookiesString());
结果=结果+“发送以下Cookie:“+HttpCookies.GetCookieString()+”\n”;
字符串fetchedContent=“”;
字符串输入线;
而((inputLine=in.readLine())!=null){
fetchedContent=fetchedContent+inputLine;
}
System.out.println(fetchedContent);
结果=结果+“我们下载的”+获取的内容+“\n”;
in.close();
字符串txt=获取的内容;
HashMap参数map=newhashmap();
字符串re1=“()”;//任何单个字符4
Pattern p=Pattern.compile(re1+re2+re3+re11,Pattern.CASE|u不区分| Pattern.DOTALL);
匹配器m=p.Matcher(txt);
字符串参数=”;
while(m.find())
{
字符串c1=m组(3);
字符串re4=“(名称)”;//单词3
字符串re5=“(=)”;//任何单个字符3
String re6=“([\”]?([^'\“]+)[\”]?);//双引号字符串2
Pattern p3=Pattern.compile(re4+re5+re6,Pattern.CASE|u不区分| Pattern.DOTALL);
匹配器m3=p3.匹配器(c1);
字符串名称=”;
if(m3.find())
{
name=m3.group(3.replaceAll(“\”,”);
}
字符串re8=“(值)”;//单词3
字符串re9=“(=)”;//任何单个字符3
String re10=“([\”]?([^'\“]+)[\”]?);//双引号字符串2
Pattern p2=Pattern.compile(re8+re9+re10,Pattern.CASE|u不区分| Pattern.DOTALL);
匹配器m2=p2。匹配器(c1);
字符串值;
if(m2.find())
{
value=m2.group(3.replaceAll(“\”,”);
参数map.put(名称、值);
if(name.equals(“请求id”)){
字符串[]位=值。拆分(“;”);
参数map.put(名称,位[bits.length-1]);
}
}
}
for(字符串键:参数map.keySet())
{
参数=参数+键+“=”+参数映射获取(键)+“&”;
}
System.out.println(“我们在”+uc.getURL());
result=result+“我们在”+uc.getURL()+“\n”;
txt=uc.getURL().toString();
re1=“(https)”;//单词1
re2=“(:)”;//任何单个字符1
re3=“(\\/)”;//任何单个字符2
字符串re4=“(\\/)”;//任何单个字符3
字符串re5=“((?:[a-z][a-z\\.\\d\\\-]+)\。(?:[a-z][a-z\\-]+)(?![\\w\\\.])”;//完全限定域名1
字符串re6=“(:)”;//任何单个字符4
字符串re7=“(\\d+)”//整数1
字符串re8=“(\\/)”;//任何单个字符5
字符串re9=“*”;//填充上的非贪婪匹配
字符串re10=“(b)”;//任何单个字符6
p=Pattern.compile(re1+re2+re3+re4+re5+re6+re7+re8+re9+re10,Pattern.CASE|u不区分| Pattern.DOTALL);
m=p.matcher(txt);
字符串authServer=“”;
if(m.find())
{
字符串word1=m.group(1);
字符串c1=m组(2);
字符串c2=m组(3);
字符串c3=m组(4);
字符串fqdn1=m.group(5);
字符串c4=m组(6);
字符串int1=m.group(7);
串c5=m组(8);
字符串c6=m组(9);
System.out.print(“匹配重定向”+word1.toString()+c1.toString()+c2.toString()+c3.toString()+fqdn1.toString()+c4.toString()+int1.toString());
authServer=word1.toString()+c1.toString()+c2.toString()+c3.toString()+fqdn1.toString();
}
参数=参数+”&userid=“+username+”&password=“+password;
System.out.println(“\n\n发送参数:“+parameters+”\n\n”);
System.out.println(“\n发送至:“+authServer+”/oam/server/auth_cred_submit”);
u=新URL(空,authServer+“/oam/server/auth_cred_submit”,new sun.net.www.protocol.https.Handler());
uc=u.openConnection();
连接=(HttpsURLConnection)uc;
connection.setDoOutput(真);
connection.setDoInput(true);
connection.setInstanceFlowRedirects(true);
connection.setRequestProperty(“Cookie”,HttpCookies.getCookieString());
connection.setRequestMethod(“POST”);
//connection.setRequestProperty(“内容类型”、“应用程序/x-www-form-urlencoded”);
//setRequestProperty(“字符集”、“utf-8”);
connection.setRequestProperty(“用户代理”、“Mozilla/5.0(Macintosh;英特尔Mac OS X 10.8;rv:20.0)Gecko/20100101 Firefox/20.0”);
//connection.setRequestProperty(“Content Length”,“Integer.toString(parameters.getBytes().Length));
connection.setUseCaches(false);
DataOutputStream wr=新的数据输出