JSP obtains the real IP address code in the JSP, obtains the client IP address the method is: Request.getremoteaddr (), this method in most cases is valid. However, the real IP address of the client cannot be obtained through the reverse proxy software such as Apache,squid. If the reverse proxy software is used, the IP address obtained with the REQUEST.GETREMOTEADDR () method is: 127.0.0.1 or 192.168.1.110, not the real IP of the client.
After the agent, due to the addition of the middle tier between the client and the service, so the server can not directly get the client's IP, the server-side application can not directly forward the requested address to the client. However, the x-forwarded-for information is added to the HTTP header information of the forwarding request. Used to track the original client IP address and the server address of the original client request. When we visit index.jsp/, it is not that our browser actually accesses the index.jsp file on the server, but first the proxy server to access the index.jsp, the proxy server will return the results of the access to our browser, Because it is the proxy server to access the index.jsp, the IP index.jsp in the Request.getremoteaddr () method is actually the address of the proxy server, not the IP address of the client.
So we can get the real IP address of the client method one:
The code is as follows:
1 Public 2ifnull 3 return 4 5 return request.getheader ("x-forwarded-for"6 }
To obtain the client's real IP address method two:
The code is as follows:
1 PublicString getipaddr (httpservletrequest request) {2String IP = request.getheader ("X-forwarded-for"); 3 if(IP = =NULL|| Ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) { 4ip = Request.getheader ("Proxy-client-ip"); 5 } 6 if(IP = =NULL|| Ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) { 7ip = Request.getheader ("Wl-proxy-client-ip"); 8 } 9 if(IP = =NULL|| Ip.length () = = 0 | | "Unknown". Equalsignorecase (IP)) { TenIP =request.getremoteaddr (); One } A returnIP; -}
However, if through the multi-level reverse proxy, x-forwarded-for value and more than one, but a string of IP values, exactly which is the real client IP?
The answer is to take the first non-unknown valid IP string in x-forwarded-for. Such as:
x-forwarded-for:192.168.1.110, 192.168.1.120, 192.168.1.130, 192.168.1.100
User Real IP: 192.168.1.110
"Reprint" JSP Gets the code of the real IP address
