nginx做静态服务器tomcat中获取不到请求用户的真实ip
web项目中静态页放在nginx服务器,java程序在tomcat中,tomcat的请求日志和request中都获取不到ip
需要在nginx的配置文件中配置
server{
location ^~ /serviceManager/ {
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_pass http://pingtai;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
当nginx作为反向代理服务器时,获取ip只需要在nginx的配置文件中配置
http{
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
nginx作为静态服务器的nginx的配置:
user nginx nginx;
worker_processes 20;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 2048000 ;
}
http {
# limit_conn_zone $limit zone=one:10m;
# limit_req_zone $limit zone=req_one:10m rate=50r/s;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 60;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for "request-time:$request_time" "upstream-time:$upstream_response_time"';
access_log /home/usr/local/nginx/logs/access.log main;
client_body_buffer_size 16k;
client_header_buffer_size 5k;
client_max_body_size 1m;
large_client_header_buffers 8 16k;
fastcgi_buffers 8 128k;
fastcgi_intercept_errors on;
proxy_intercept_errors on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
gzip on;
proxy_redirect off;
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
add_header X-Server $upstream_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#client_max_body_size 10m;
#client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 504 /504.html;
# default 1;
# 127.0.0.1 0;
# 210.5.155.130 0;
# 49.5.2.6 0;
# 118.186.138.162 0;
# }
# map $whiteiplist $limit {
# 1 $binary_remote_addr;
# 0 "";
# }
upstream tomcat1{
# server 192.168.1.54:81;
# server 192.168.1.54:82;
# server 192.168.1.54:83;
# server 192.168.1.54:84;
# server 192.168.1.54:85;
# server 192.168.1.54:86;
# server 192.168.1.54:87;
# server 192.168.1.54:88;
# server 192.168.1.54:89;
# server 192.168.1.54:90;
server 192.168.1.54:91;
# server 192.168.1.54:92;
}
upstream pingtai {
server 192.168.1.55:93;
}
upstream api {
server 192.168.1.54:92;
}
# server {
# listen 80;
# location /nginx_status {
# stub_status on;
# access_log off;
# allow 127.0.0.1;
# deny all;
# }
# }
server {
listen 80;
server_name pingtai.fahaicc.com;
root /home/usr/local/UI/;
index login.html;
location ^~ /bower_components/ {
root /home/usr/local/UI/;
}
location ^~ /app/ {
root /home/usr/local/UI/;
}
location ^~ /serviceManager/ {
proxy_connect_timeout 30;
proxy_send_timeout 30;
proxy_read_timeout 30;
proxy_pass http://pingtai;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location ^~ /dashboard {
rewrite ^(.*)$ /index.html last;
}
#charset koi8-r;
#access_log logs/host.access.log main;
location = /404.html {
root /home/usr/local/nginx/html;
}
location = /403.html {
root /home/usr/local/nginx/html;
}
location = /500.html {
root /home/usr/local/nginx/html;
}
location = /502.html {
root /home/usr/local/nginx/html;
}
location = /503.html {
root /home/usr/local/nginx/html;
}
location = /504.html {
root /home/usr/local/nginx/html;
}
}
nginx作为反向代理服务器的nginx的配置:
user nginx nginx;
worker_processes 20;
worker_rlimit_nofile 65535;
events {
use epoll;
worker_connections 2048000 ;
}
http {
limit_req_zone $binary_remote_addr zone=req_one2:10m rate=100r/s;
limit_conn_zone $binary_remote_addr zone=one2:10m;
limit_req zone=req_one2 burst=100;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 60;
log_format main '$remote_addr - $remote_user [$time_local] "$request" $request_body'
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" $http_x_forwarded_for "request-time:$request_time" "upstream-time:$upstream_response_time"';
access_log /home/usr/local/nginx/logs/access.log main;
client_body_buffer_size 16k;
client_header_buffer_size 5k;
client_max_body_size 1m;
large_client_header_buffers 8 16k;
fastcgi_buffers 8 128k;
fastcgi_intercept_errors on;
proxy_intercept_errors on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_types text/plain application/x-javascript text/css application/xml;
gzip_vary on;
gzip on;
proxy_redirect off;
proxy_set_header Host $host:80;
proxy_set_header X-Real-IP $remote_addr;
add_header X-Server $upstream_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#client_max_body_size 10m;
#client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
error_page 403 /403.html;
error_page 404 /404.html;
error_page 500 /500.html;
error_page 502 /502.html;
error_page 503 /503.html;
error_page 504 /504.html;
upstream bank-report {
server 192.168.1.44:97;
server 192.168.1.47:97;
}
upstream bank-apps {
server 192.168.1.44:99;
server 192.168.1.47:99;
}
upstream bank-monitor {
server 192.168.1.44:96;
server 192.168.1.47:96;
}
include /home/usr/local/nginx/conf.bank/*.conf;
server {
listen 80 default;
server_name localhost;
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
}
java构建的web项目中获取ip地址的工具类:
package com.fahai.cc.service.util;
import javax.servlet.http.HttpServletRequest;
import java.net.InetAddress;
import java.net.UnknownHostException;
public class TCPIPUtil {
public static String getIpAddr(HttpServletRequest request) {
String ipAddress = null;
// ipAddress = this.getRequest().getRemoteAddr();
ipAddress = request.getHeader("x-forwarded-for");
if (ipAddress == null || ipAddress.length() == 0
|| "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.length() == 0
|| "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.length() == 0
|| "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
if (ipAddress.equals("127.0.0.1")
|| ipAddress.equals("0:0:0:0:0:0:0:1")) {
// 根据网卡取本机配置的IP
InetAddress inet = null;
try {
inet = InetAddress.getLocalHost();
ipAddress = inet.getHostAddress();
} catch (UnknownHostException e) {
e.printStackTrace();
}
}
}
// 对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if (ipAddress != null && ipAddress.length() > 15) { // "***.***.***.***".length()
// = 15
if (ipAddress.indexOf(",") > 0) {
ipAddress = ipAddress.substring(0, ipAddress.indexOf(","));
}
}
return ipAddress;
}
}