于是可得出获得客户端真实IP地址的方法一:
public String getIpAddr(HttpServletRequest request) {
2 String ip = request.getHeader("x-forwarded-for");
3 if(ip == null || ip.length() == 0) {
4 ip = request.getRemoteAddr();
5 }
6 return ip;
public String getIpAddr(HttpServletRequest request) {
2 String ip = request.getHeader("x-forwarded-for");
3 if(ip == null || ip.length() == 0) {
4 ip = request.getRemoteAddr();
5 }
6 return ip;
7 }
没代理直连 用request.getRemoteAddr(); 有代理request.getHeader("x-forwarded-for"); 所以这段基本适合所有情况
如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串ip值,
这时候取X-Forwarded-For中第一个非unknown的有效IP字符串如:
X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130, 192.168.1.100
用户真实IP为: 192.168.1.110