Java obtains the real ip address of the client, and java obtains the ip address

Source: Internet
Author: User

Java obtains the real ip address of the client, and java obtains the ip address

In JSP, the method for obtaining the Client IP address is request. getRemoteAddr (), which is valid in most cases. However, the real IP address of the client cannot be obtained through reverse proxy software such as Apache and Squid. Like a mobile gateway, the ISAPI filter iisforward will repackage the request object and append some header information to WLS. In this case, directly using request. getRemoteAddr () cannot obtain the real customer IP address.

If reverse proxy software is used, when the URL reverse proxy of http: // 192.168.1.110: 2046/is set to the URL of the http://www.javapeixun.com.cn/, request is used. the IP address obtained by the getRemoteAddr () method is 127.0.0.1 or 192.168.1.110, but not the real IP address of the client.

After proxy, because the intermediate layer is added between the client and the service, the server cannot directly obtain the IP address of the client, and the server application cannot directly return the IP address of the forwarded request to the client. However, X-FORWARDED-FOR information is added in the HTTP header information that forwards the request. It is used to track the original Client IP address and the server address of the original client request. When we access http://www.javapeixun.com.cn/index. jsp/is not actually the index on the server accessed by our browser. the jsp file is first accessed by the Proxy Server http: // 192.168.1.110: 2046/index. jsp, the proxy server returns the access results to our browser, because the proxy server accesses the index. jsp, so index. in jsp, request. the IP obtained by getRemoteAddr () is actually the proxy server address, not the client IP address.

The actual iisforward appending header is as follows:

1 WL-Proxy-Client-IP=211.161.1.239  2 Proxy-Client-IP=211.161.1.239  3 X-Forwarded-For=211.161.1.239  4 WL-Proxy-Client-Keysize=   5 WL-Proxy-Client-Secretkeysize=   6 X-WebLogic-Request-ClusterInfo=true  7 X-WebLogic-KeepAliveSecs=30  8 X-WebLogic-Force-JVMID=-327089098  9 WL-Proxy-SSL=false

You can obtain the real IP address of the client as follows:

 

1 private String getIpAddress (HttpServletRequest request) {2 String ipAddress = null; 3 ipAddress = request. getHeader ("x-forwarded-for"); 4 if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (ipAddress) {5 ipAddress = request. getHeader ("Proxy-Client-IP"); 6} 7 if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (ipAddress) {8 ipAddress = requ Est. getHeader ("WL-Proxy-Client-IP"); 9} 10 if (ipAddress = null | ipAddress. length () = 0 | "unknown ". equalsIgnoreCase (ipAddress) {11 ipAddress = request. getRemoteAddr (); 12 if (ipAddress. equals ("127.0.0.1") {13 // obtain the IP address 14 InetAddress inet = null configured on the local machine based on the NIC; 15 try {16 inet = InetAddress. getLocalHost (); 17} catch (UnknownHostException e) {18 e. printStackTrace (); 19} 20 ipAddress = inet. getHostAd Dress (); 21} 22} 23 // when multiple proxies are used, the first IP address is the real IP address of the client. Multiple IP addresses are split into 24 if (ipAddress! = Null & ipAddress. length ()> 15 ){//"***. ***. ***. ***". length () = 15 25 if (ipAddress. indexOf (",")> 0) {26 ipAddress = ipAddress. substring (0, ipAddress. indexOf (","); 27} 28} 29 return ipAddress; 30}

After multi-level reverse proxy, there are more than one x-forwarded-for value, but a string of IP values. In this case, the first valid Non-unknown IP in x-forwarded-for is the real IP address.

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.