Java clients obtain real IP address

Others 2019-12-06 11:46:32 views: null

       Based on the method of  the HttpServletRequest .getHeader and  HttpServletRequest.getRemoteAddr  describes how to obtain the client real IP address of the server side.

Business Background

      The server receives a client request, the general need for signature verification, and other client IP defined intercept, defined when performing IP client needs to obtain real IP.

Basics

 
      Access server is generally divided into two types:
  • Not through agents, direct access to the server;
  • By multistage agent, and finally to the server (nginx, squid, haproxy).
      The client requests information contained in the HttpServletRequest, access to the first embodiment can be obtained by a real IP client getRemoteAddr () method, while the other does not work, it can be x-forwarded-for the information obtaining request forwarding. When a client request is forwarded, the IP will be an additional and thereafter separated by commas, such as: 10.47.103.13,4.2.2.2,10.96.112.230.
The parameter request: 
  request.getHeader("x-forwarded-for") : 10.47.103.13,4.2.2.2,10.96.112.230
  request.getHeader("X-Real-IP") : 10.47.103.13
  request.getRemoteAddr():10.96.112.230

       Client access through forwarding, IP will be an additional separated by commas thereafter. The final client information is accurate:

  • x-forwarded-for is not empty, for the first IP before comma;
  • X-Real-IP is not empty, compared to the IP;
  • Otherwise getRemoteAddr ();
       Related explanation request header:
       X-Forwarded-For recording a request from the client to the target server proxy experienced during, or IP load balancing device. It was introduced by caching proxy software Squid, used to represent the HTTP request end real IP, has now become the de facto standard, widely used in major HTTP proxy, load balancing, forwarding services, and written RFC 7239 (Forwarded HTTP Extension ) among the standard. Format for the X-Forwarded-For: client1, proxy1, proxy2, under normal circumstances, the first real ip ip for the client, the latter is through a proxy server ip. Now most of the proxy will add this request header.
       Proxy-Client-IP / WL- Proxy  -Client-IP this is the result of a general request apache http server will have, usually coupled with Proxy-Client-IP header when requested to do with apache http proxy, and WL-Proxy-Client -IP his weblogic plugin plus head.
       HTTP_CLIENT_IP   Some proxy servers will be added to this request header.
      Real-IP-the X- nginx proxy will generally add this request headers.

Get real client IP addresses

      Source:

 

/**
 * Get the IP address of the client <br/>
 * Note that the local test access project address, the browser requests do not use localhost, please use the machine IP; otherwise, fail to IP
 *
 * @author east7
 * @Date 2019 Nian 12 Yue 03 Ri
 * @Return String real IP address
  * / 
public  static String getClientIpAddress (the HttpServletRequest Request) {
     // Get IP address of the requesting host, if coming through a proxy, the real IP address is acquired through the firewall 
    String headerName = "X-Forwarded-for" ;
    IP String = request.getHeader (headerName);
     IF ( null = ip.length IP && () = 0 && "Unknown"!!! .EqualsIgnoreCase (IP)) {
         // have a plurality of times after the reverse proxy IP value, the first IP is the real IP, according to which a comma ',' split 
        IF (ip.indexOf ( ",")! = -1 ) {
            ip = ip.split(",")[0];
        }
    }
    if (checkIp(ip)) {
        headerName = "Proxy-Client-IP";
        ip = request.getHeader(headerName);
    }
    if (checkIp(ip)) {
        headerName = "WL-Proxy-Client-IP";
        ip = request.getHeader(headerName);
    }
    if (checkIp(ip)) {
        headerName = "HTTP_CLIENT_IP";
        ip = request.getHeader(headerName);
    }
    if (checkIp(ip)) {
        headerName = "HTTP_X_FORWARDED_FOR";
        ip = request.getHeader(headerName);
    }
    if (checkIp(ip)) {
        headerName = "X-Real-IP";
        ip = request.getHeader(headerName);
    }
    if (checkIp(ip)) {
        headerName = "remote addr";
        IP = request.getRemoteAddr ();
         // 127.0.0.1 IPv4, 0: 0: 0: 0: 0: 0: 0: IPv6. 1 
        IF ( "127.0.0.1" .equals (IP) || "0: 0: 0: 0: 0: 0: 0:. 1 " .equals (IP)) {
             // the card take the machine configuration of the IP 
            InetAddress inet = null ;
             the try {
                inet = InetAddress.getLocalHost();
            } catch (UnknownHostException e) {
                e.printStackTrace ();
            }
            ip = inet.getHostAddress();
        }
    }
    logger.info("getClientIp  IP is " + ip + ", headerName = " + headerName);
    return ip;
}
private static boolean checkIp(String ip) {
    if (null == ip || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
        return true;
    }
    return false;
}

 

Guess you like

Origin www.cnblogs.com/east7/p/11985612.html
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com