笔记
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57
| /** * 获取真实IP * <p> * X-Forwarded-For:Squid 服务代理 只有在通过了HTTP代理或者负载均衡服务器时才会添加该项, * 格式为X-Forwarded-For:client1,proxy1,proxy2,一般情况下,第一个ip为客户端真实ip,后面的为经过的代理服务器ip * <p> * Proxy-Client-IP:apache 服务代理 * <p> * WL-Proxy-Client-IP:weblogic 服务代理 * <p> * HTTP_CLIENT_IP:有些代理服务器 * <p> * X-Real-IP:nginx服务代理 * * @param request 请求体 * @return 真实IP */ public static String getRealIp(HttpServletRequest request) { // 这个一般是Nginx反向代理设置的参数 String ip = request.getHeader("X-Real-IP"); if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("X-Forwarded-For"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_CLIENT_IP"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("HTTP_X_FORWARDED_FOR"); } if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } //根据网卡取本机配置的IP // if(ip.equals("127.0.0.1") || ip.equals("0:0:0:0:0:0:0:1")){ // InetAddress inet=null; // try { // inet = InetAddress.getLocalHost(); // } catch (UnknownHostException e) { // e.printStackTrace(); // } // ip= inet.getHostAddress(); // } // 处理多IP的情况(只取第一个IP) if (ip != null && ip.contains(",")) { String[] ipArray = ip.split(","); ip = ipArray[0]; } ip = ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip; return ip; }
|
说明
获取用户真实IP地址,为什么不直接使用request.getRemoteAddr()的原因是有可能用户使用了代理方式避免真实IP地址,如果使用了代理就可能出现多级反向代理,那X-Forwarded-For的值并不止一个,而是一串IP值,至于哪个才是真正的用户端的真实IP? 答案是取X-Forwarded-For中第一个非unknown的有效IP字符串,而且可能获取的是代理服务器的IP
结束