JAVA:获取用户访问ip地址

获取用户真实IP地址:不使用request.getRemoteAddr();的原因是有可能用户使用了代理软件方式避免真实IP地址;
可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值,究竟哪个才是真正的用户端的真实IP呢?

答案是取X-Forwarded-For中第一个非unknown的有效IP字符串。

如:X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130,
则真实Id为:192.168.1.100

工具代码

import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.lang.StringUtils;

import javax.servlet.http.HttpServletRequest;

/**
 * 获取用户访问ip地址
 */
public class IpUtil {
    public static String getIpAddress(HttpServletRequest request) {  
        String ip = request.getHeader("x-forwarded-for");  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("Proxy-Client-IP");  
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("WL-Proxy-Client-IP");  
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("HTTP_CLIENT_IP");  
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("HTTP_X_FORWARDED_FOR");  
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getRemoteAddr();  
        }
        // 获取到多个ip时取第一个作为客户端真实ip
        if (StringUtils.isNotEmpty(ip) && ip.contains(",")) {
        	String[] ipArray = ip.split(",");
        	if (ArrayUtils.isNotEmpty(ipArray)) {
        		ip = ipArray[0];
        	}
        }
        return ip;  
    }  
}

Controller调用代码

@RequestMapping("/urlName.do")
public String MethodName(HttpServletRequest request){
		String ip = IpUtil.getIpAddress(request);
		return ip;
}

参考文章: http://developer.51cto.com/art/201111/305181.htm

你可能感兴趣的:(java,EE,java通用工具方法,java,tcp/ip,apache)