REQUEST.GETREMOTEADDR () How to obtain the user's real IP address
Source: Internet
Author: User
REQUEST.GETREMOTEADDR () How to get the user's real IP address
The x-forwarded-for variable in the request header is required to obtain the user's real IP address.
Request.getheader ("X-forwarded-for");
The complete example is as follows
<%@ page contenttype= "text/html; charset=gb2312 "%>
<%@ page import= "java.util.*"%>
<%
String Realip = Request.getheader ("X-forwarded-for");
String IP = request.getremoteaddr ();
enumeration enum = Request.getheadernames ();
while (Enum.hasmoreelements ())
{
String name = (string) enum.nextelement ();
String value = Request.getheader (name);
Out.write (name + "=" + Value + "<br$amp;>quot;$");
}
%>
Your IP address is:<%=realip%>.
In many applications may need to be the user's real IP records, at this point to get the user's real IP address, in the JSP, obtain the client's IP address method is: request.getremoteaddr (), this method in most cases are effective. But in the adoption of APACHE,SQUID and other reverse proxy software can not get to the client's real IP address.
This time in doing IP statistics program design, because the server made a cluster, using the reverse proxy software, will [1] The URL reverse proxy to [2] URL, with the Request.getremoteaddr () method to obtain the IP address is: 127.0.0.1 or 192.168.1.110, not the real IP of the client. What is the reason for that?
This is the reason for the reverse proxy. After the agent, because the client and the service increased between the middle tier, so the server can not directly to the client IP, server-side applications can not directly by forwarding the requested address to return to the client. However, in the HTTP header message that forwards the request, the X-forwarded-for information is added. The server address used to track the original client IP address and the original client request. When we visit/[3], actually is not our browser actually access to the server's index.jsp file, but first by the proxy server to access [4], the proxy server will access to the results returned to our browser, Because it is the proxy server to access index.jsp, so index.jsp through the Request.getremoteaddr () method of IP is actually proxy server address, not the client's IP address.
Then you can get the client real IP address method one:
Public String getipaddr (HttpServletRequest request) {
2 String IP = request.getheader ("X-forwarded-for");
3 if (IP = null | | ip.length () = = 0) {
4 IP = request.getremoteaddr ();
5}
6 return IP;
7}
However, when I access/[5], the returned IP address is always unknown, not as shown in the 127.0.0.1 or 192.168 1.110, and I visit [6], you can return the client's real IP address, write a method to verify.
1<%@ page import= "java.util.*"%>
2<table border=1 cellspacing=0 cellpadding=0 align=center>
3<tr>
4<th>name</th>
5<th>value</th>
6</tr>
7<%
8Enumeration Enumnames;
9String Strname,strvalue;
10
11enumNames = Request.getheadernames ();
12while (Enumnames.hasmoreelements ()) {
StrName = (String) enumnames.nextelement ();
strvalue = Request.getheader (strName);
%>
<tr>
<td$amp;>amp; $lt%=strname% $amp;>amp; $lt;/td>
<td$amp;>amp; $lt%=strvalue% $amp;>amp; $lt;/td>
</tr>
<%
21}
22%>
23<tr>
24</table>
Out of the result: X-forwarded-for:unknown. X-forwarded-for does exist, but its value is unknown, continue to find the reason. Search on the Internet, the reason for the squid on.
The squid.conf configuration file forwarded_for The default is on, if Forwarded_for is set to OFF:
X-forwarded-for:unknown
A check, found Forwarded_for set for off, the reason found, the forwarded_for set for on, after the reboot, Access/[7] IP is the client's real IP.
Then you can get the client real IP address of the method two:
1 public String getipaddr (HttpServletRequest request) {
2 String IP = request.getheader ("X-forwarded-for");
3 if (IP = null | | ip.length () = 0 | | "Unknown". Equalsignorecase (IP)) {
4 IP = request.getheader ("Proxy-client-ip");
5}
6 if (IP = null | | ip.length () = 0 | | "Unknown". Equalsignorecase (IP)) {
7 IP = request.getheader ("Wl-proxy-client-ip");
8}
9 if (IP = null | | ip.length () = 0 | | "Unknown". Equalsignorecase (IP)) {
ip = request.getremoteaddr ();
11}
return IP;
13}
However, if the adoption of multi-level reverse proxy, the value of x-forwarded-for and more than one, but a series of IP values, which is the real user end of the real IP.
The answer is to take the first unknown valid IP string in x-forwarded-for.
Such as:
x-forwarded-for:192.168.1.110, 192.168.1.120, 192.168.1.130, 192.168.1.100
User Real IP is: 192.168.1.110
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.