java web服务端有时需要获取网络请求ip链条,用来做权限判断。
例如:1、只有请求经过某个固定ip链路才认为是合法的(必须是某个固定环境的请求)。2、请求一旦经过某个ip就认为非法(防非法代理挟持)。3、请求必须经过某个ip才认为合法(网络监控)。
代码如下:
public String getProxyIpLine(HttpServletRequest request) {
StringBuilder ipLine = new StringBuilder("");
String ip = request.getHeader("X-Real-IP");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getHeader("X-Forwarded-For");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getHeader("Proxy-Client-IP");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getHeader("WL-Proxy-Client-IP");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getHeader("HTTP_CLIENT_IP");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
ip = request.getRemoteAddr();
if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
ipLine.append(ip).append(";");
}
return ipLine.toString();
}
每行代码含义参考:https://blog.csdn.net/javaee_gao/article/details/90212188 (不剽窃,只做个笔记)