Nginx获取真实用户IP

问题概述

通过Nginx反向代理后，HttpServletRequest.getRemoteAddr()方法无法获取到用户的真实IP，只能获取到本机IP127.0.0.1，这是因为传入Java后端的是Nginx本机的IP

解决办法

将用户的IP存储到Nginx的消息头，Java后端直接通过消息头获取用户真实的IP

解决过程

Nginx将真实IP存储到消息头

在Nginx配置文件的http{}中加入以下代码：

# 下面三行为重点，添加后就可以获取到客户端真实IP
set_real_ip_from 0.0.0.0/0;
real_ip_header  X-Forwarded-For;
real_ip_recursive on;
    
# 下面三行为常见反向代理传递真实客户端IP的配置，配置在http{}中，则全局应用在下面的所有server中
proxy_set_header Host      $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Java获取真实IP

package com.ledao.util;

import javax.servlet.http.HttpServletRequest;

/**
 * @author LeDao
 * @company
 * @create 2021-12-14 12:20
 */
public class IpUtil {

    public static String getIpAddr(HttpServletRequest request) {
        String fromSource = "X-Real-IP";
        String ip = request.getHeader(fromSource);
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("X-Forwarded-For");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("Proxy-Client-IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("WL-Proxy-Client-IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getRemoteAddr();
        }
        return ip;
    }
}