获取客户端用户真实ip
在服务端获取客户端用户真是ip:
1.nginx配置:
在代理的每个location处添加以下配置:
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
以上配置是在Nginx反向代理的时候,添加一些请求Header。
1. Host包含客户端真实的域名和端口号;
2. X-Forwarded-Proto表示客户端真实的协议(http还是https);
3. X-Real-IP表示客户端真实的IP;
4. X-Forwarded-For这个Header和X-Real-IP类似,但它在多层代理时会包含真实客户端及中间每个代理服务器的IP。
如:
location ~ \.do$ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
2.接口获取:
public static String getRealIp(HttpServletRequest request) {
try {
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
Logger.getLogger().info("realIpAll---" + ip);
//对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if(ip!=null && ip.length()>15){ //"***.***.***.***".length() = 15
if(ip.indexOf(",")>0){
ip = ip.substring(0,ip.indexOf(","));
}
}
return ip;
} catch (Exception e) {
e.printStackTrace();
Logger.getLogger().info(e.getMessage());
return "获取ip出错了";
}
}
3.使用ngrok进行映射,外网测试:
下载ngrok,在windows cmd命令下 切换到ngrok.exe所在目录下,执行命令: ngrok.exe http 8081 ; 其中8081端口可指定;
用户访问页面,在页面中通过第三方工具 如:http://pv.sohu.com/cityjson?ie=utf-8 来获取用户真是ip;
浙公网安备 33010602011771号