Detailed explanation of Java's method of obtaining client IP based on Request

This article mainly introduces the method of Java to obtain the client IP based on Request. It is very good and has reference value. Friends in need can refer to it

In JSP, the method of obtaining the client's IP address Yes: request.getRemoteAddr(), this method is valid in most cases. However, the real IP address of the client cannot be obtained through reverse proxy software such as Apache and Squid.

If you use reverse proxy software and reverse proxy the URL of http://192.168.1.110:2046/ to the URL of www.xxx.com/, use the request.getRemoteAddr() method to obtain it The IP address is: 127.0.0.1 or 192.168.1.110, not the real IP of the client.

After proxying, due to the addition of an intermediate layer between the client and the service, the server cannot directly obtain the client's IP, and the server-side application cannot directly return the address to the client by forwarding the request. However, in the HTTP header information of the forwarded request, X-FORWARDED-FOR information is added. Used to track the original client IP address and the server address requested by the original client. When we visit http://www.xxx.com/index.jsp/, it is not actually our browser that actually accesses the index.jsp file on the server. Instead, the proxy server first accesses http://192.168. 1.110:2046/index.jsp, the proxy server returns the accessed results to our browser. Because it is the proxy server that accesses index.jsp, the IP obtained through the request.getRemoteAddr() method in index.jsp It is actually the address of the proxy server, not the IP address of the client.

So we can get the first method to obtain the real IP address of the client:

public String getRemortIP(HttpServletRequest request) {
 if (request.getHeader("x-forwarded-for") == null) {
 return request.getRemoteAddr();
 }
 return request.getHeader("x-forwarded-for");
}

But when I visit www.xxx.com/index.jsp/ When, the IP address returned is always unknown, and it is not 127.0.0.1 or 192.168.1.110 as shown above. When I visit http://192.168.1.110:2046/index.jsp, the real IP address of the client can be returned. IP address, I wrote a method to verify it. The reason lies in Squid. The forwarded_for item in the configuration file of squid.conf is on by default. If forwarded_for is set to off, then: Method two:

public String getRemoteHost(javax.servlet.http.HttpServletRequest request){
 String ip = request.getHeader("x-forwarded-for");
 if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
  ip = request.getHeader("Proxy-Client-IP");
 }
 if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
  ip = request.getHeader("WL-Proxy-Client-IP");
 }
 if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)){
  ip = request.getRemoteAddr();
 }
 return ip.equals("0:0:0:0:0:0:0:1")?"127.0.0.1":ip;
}

[Related recommendations] 1.

Share a small case of Request object

2. Java The difference between valueOf and toString, (String)

3. Share the five methods of obtaining client data in the request object in asp

4. Detailed explanation of ASP.NET system object Request

The above is the detailed content of Detailed explanation of Java's method of obtaining client IP based on Request. For more information, please follow other related articles on the PHP Chinese website!