In the JSP, the method to obtain the IP address of the client is: Request.getremoteaddr (), which is valid in most cases. However, the real IP address of the client cannot be obtained through the reverse proxy software such as Apache,squid,nginx.
If the reverse proxy software is used, the URL of the http://192.168.1.110:2046/is reverse proxy to http://www.javapeixun.com.cn/URL, The IP address obtained with the REQUEST.GETREMOTEADDR () method is: 127.0.0.1 or 192.168.1.110, not the real IP of the client.
After the agent, due to the addition of the middle tier between the client and the service, so the server can not directly get the client's IP, the server-side application can not directly forward the requested address to the client. However, the x-forwarded-for information is added to the HTTP header information of the forwarding request. Used to track the original client IP address and the server address of the original client request. When we visit http://www.javapeixun.com.cn/index.jsp/, it is not that our browser actually accesses the index.jsp file on the server, but first the proxy server accesses HTTP/ 192.168.1.110:2046/INDEX.JSP, the proxy server returns the result of the access to our browser, Because it is the proxy server to access the index.jsp, the IP index.jsp in the Request.getremoteaddr () method is actually the address of the proxy server, not the IP address of the client.
Package Com.rapido.utils;import javax.servlet.http.httpservletrequest;/** * Custom Access Object Tool class * Get information such as the object's IP address * @author X-RAPI Do * */public class Cusaccessobjectutil {/** * Gets the real IP address of the user, does not use REQUEST.GETREMOTEADDR (), because it is possible that the user uses the proxy software to avoid the real IP address, * Reference article: Http://developer.51cto.com/art/201111/305181.htm * However, if the multi-level reverse proxy is passed, the value of x-forwarded-for is more than one, but a string of IP values, What exactly is the real IP of the client? * The answer is to take the first non-unknown valid IP string in x-forwarded-for. * * such as: x-forwarded-for:192.168.1.110, 192.168.1.120, 192.168.1.130, * 192.168.1.100 * * User real IP: 192.168.1.110 * * @para M request * @return */public static string getipaddress (HttpServletRequest request) {String IP = Request.getheader ("X-forw Arded-for "); if (IP = = NULL | | ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) {IP = request.getheader ("Proxy-client-ip");} if (IP = = NULL | | ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) {IP = request.getheader ("Wl-proxy-client-ip");} if (IP = = NULL | | ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) {IP = Request.getheader ("Http_client_ip ");} if (IP = = NULL | | ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) {IP = request.getheader ("Http_x_forwarded_for");} if (IP = = NULL | | ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) {IP = request.getremoteaddr ();} return IP;}}
Java gets the requested user's real IP address via HttpRequest