在现在软件开发中,获取客户端的ip地址是非常常见的操作。request为我们提供request.getRemoteAddr()方法提供ip地址,但是由于我们在一般软件开发中基本都会使用代理,此时用request.getRemoteAddr()获取ip地址就是代理服务器的地址。当使用代理服务时候,需要从代理添加ip请求头中获取对应的ip。
public class IpUtil {
/**
* 获取用户真实IP地址,不使用request.getRemoteAddr()的原因是有可能用户使用了代理软件方式避免真实IP地址,
*
*/
public static String getClientIp(HttpServletRequest request) {
//如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值
String ip = request.getHeader("X-Forwarded-For");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
// 多次反向代理后会有多个ip值,第一个ip才是真实ip
if (ip.indexOf(",") != -1) {
ip = ip.split(",")[0];
}
}
//apache http做代理时一般会加上Proxy-Client-IP请求头
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
//apache http做代理时,weblogic插件加上WL-Proxy-Client-IP。
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
//部分代理服务器加的请求头
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
//分代理服务器加的请求头
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
//nginx代理一般会加上此请求头
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("X-Real-IP");
}
//当不使用代理获取的ip
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip;
}
}