文章目錄
-
-
- 問題描述
- 解決方法
-
問題描述
需要擷取真實的請求IP,但是由于有Nginx、網關等轉發,如果使用HttpServletRequest執行個體的getRemoteAddr()方法,不會得到真實的請求IP。
解決方法
使用Nginx、Apache、Squid等進行HTTP代理或者負載均衡時,會在請求頭中添加x-forwarded-for字段(戳我get新知識),如果有多個轉發,那麼最後值為如下格式:
x-forwarded-for: client1,proxy1,proxy2,proxy3
注意: 配置Nginx代理時,必須要配置以下内容:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
此配置意為将目前代理的IP追加到x-forwarded-for字段中。
此時,第一個值即為真實的IP位址,我們通過代碼取出它即可:
public String getIpAddress(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip != null && ip.contains(",")) {
ip = ip.split(",")[0];
} else {
ip = request.getRemoteAddr();
}
return ip;
}
當然,針對不同的代理,加的請求頭字段也可能會不同,那麼就可以用以下的代碼:
public String getIpAddress(HttpServletRequest request) throws UnknownHostException {
String ip = request.getHeader("x-forwarded-for");
if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
// apache 代理添加的請求頭
ip = request.getHeader("Proxy-Client-IP");
}
if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
// weblogic 代理添加的請求頭
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
// 某些代理伺服器的請求頭
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
// 某些代理伺服器的請求頭
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
if ("127.0.0.1".equals(ip) || "0:0:0:0:0:0:0:1".equals(ip)) {
//根據網卡取本機配置的IP
InetAddress inet = null;
inet = InetAddress.getLocalHost();
ip = inet.getHostAddress();
}
}
if (ip.contains(",")) {
ip = ip.split(",")[0];
}
return ip;
}
![Java小案例——随機數猜測随機數猜測[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)