javaweb的request获取真实IP地址
如果我们服务器使用了nginx、squid等反向代理,就不能再用request的获取IP地址方法,因为这时候获取到的代理服务器的地址,是获取不到真实客户端的IP地址。
1、2访问方式是经过代理,3是直接访问服务器。经过代理后,由于在客户端和服务端增加了中间层,所以服务器获取不到真实的IP地址,但是在转发的请求的HTTP头信息,增加了X-FORWARDED-FOR信息,用来跟踪原有的客户端IP地址和原来客户端请求的服务地址。
编写一个工具类来获取到客户端的真实IP地址
- public final class IPUtil {
- /**
- * 获取请求主机IP地址,如果通过代理进来,则透过防火墙获取真实IP地址;
- *
- * @param request
- * @return
- * @throws IOException
- */
- public final static String getIpAddress(HttpServletRequest request) throws IOException {
- // 获取请求主机IP地址,如果通过代理进来,则透过防火墙获取真实IP地址
- String ip = request.getHeader("X-Forwarded-For");
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("Proxy-Client-IP");
- }
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("WL-Proxy-Client-IP");
- }
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("HTTP_CLIENT_IP");
- }
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getHeader("HTTP_X_FORWARDED_FOR");
- }
- if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
- ip = request.getRemoteAddr();
- }
- } else if (ip.length() > 15) {
- String[] ips = ip.split(",");
- for (int index = 0; index < ips.length; index++) {
- String strIp = (String) ips[index];
- if (!("unknown".equalsIgnoreCase(strIp))) {
- ip = strIp;
- break;
- }
- }
- }
- return ip;
- }
- }
文章参考http://blog.****.net/yin_jw/article/details/24470131,真实可用。