In Java, HttpRequest is used to obtain the real IP address of the user.

In Java, HttpRequest is used to obtain the real IP address of the user.

In JSP, the method for obtaining the Client IP address is request. getRemoteAddr (), which is valid in most cases. However, the real IP address of the client cannot be obtained through reverse proxy software such as Apache, Squid, and nginx.

If reverse proxy software is used, when the URL reverse proxy of http: // 192.168.1.110: 2046/is set to the URL of the http://www.bkjia.com/, request is used. the IP address obtained by the getRemoteAddr () method is 127.0.0.1 or 192.168.1.110, but not the real IP address of the client.

After proxy, because the intermediate layer is added between the client and the service, the server cannot directly obtain the IP address of the client, and the server application cannot directly return the IP address of the forwarded request to the client. However, X-FORWARDED-FOR information is added in the HTTP header information that forwards the request. It is used to track the original Client IP address and the server address of the original client request. When we access http://www.bkjia.com/index. jsp/is not actually the index on the server accessed by our browser. the jsp file is first accessed by the Proxy Server http: // 192.168.1.110: 2046/index. jsp, the proxy server returns the access results to our browser, because the proxy server accesses the index. jsp, so index. in jsp, request. the IP obtained by getRemoteAddr () is actually the proxy server address, not the client IP address.

Package com. rapido. utils; import javax. servlet. http. httpServletRequest; /*** get the IP address and other information of the object using the custom access object tool ** @ author X-rapido **/public class CusAccessObjectUtil {/*** to obtain the real IP address of the user, do not use request. getRemoteAddr (); the reason is that the user may use the proxy software to avoid real IP addresses. ** however, if the multi-level reverse proxy is passed, x-Forwarded-For has more than one value, but a string of IP values. Which one is the real IP address of the client? * The answer is to take the first valid IP string not unknown in X-Forwarded-. ** For example, X-Forwarded-For: 192.168.1.110, 192.168.1.120, 192.168.1.130, and * 192.168.1.100 **. The real IP address of a user is: 192.168.1.110 ** @ param request * @ return */public static String getIpAddress (HttpServletRequest request) {String ip = request. getHeader ("x-forwarded-for"); if (ip = null | ip. length () = 0 | "unknown ". equalsIgnoreCase (ip) {ip = request. getHeader ("Proxy-Client-IP");} if (ip = null | ip. length () = 0 | "unknown ". equalsIgnoreCase (ip) {ip = request. getHeader ("WL-Proxy-Client-IP");} if (ip = null | ip. length () = 0 | "unknown ". equalsIgnoreCase (ip) {ip = request. getHeader ("HTTP_CLIENT_IP");} if (ip = null | ip. length () = 0 | "unknown ". equalsIgnoreCase (ip) {ip = request. getHeader ("HTTP_X_FORWARDED_FOR");} if (ip = null | ip. length () = 0 | "unknown ". equalsIgnoreCase (ip) {ip = request. getRemoteAddr () ;}return ip ;}}