像移动网关一样,iisforward这个ISAPI过滤器也会对request对象进行再包装,附加一些WLS要用的头信息。这种情况下,直接用request.getRemoteAddr()是无法取到真正的客户IP的。
实际的iisforward附加头如下:
WL-Proxy-Client-IP=211.161.1.239 Proxy-Client-IP=211.161.1.239 X-Forwarded-For=211.161.1.239 WL-Proxy-Client-Keysize= WL-Proxy-Client-Secretkeysize= X-WebLogic-Request-ClusterInfo=true X-WebLogic-KeepAliveSecs=30 X-WebLogic-Force-JVMID=-327089098 WL-Proxy-SSL=false
综上,正确作法如下:
private String getIpAddr() { String ipAddress = null; //ipAddress = this.getRequest().getRemoteAddr(); ipAddress = this.getRequest().getHeader("x-forwarded-for"); if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { ipAddress = this.getRequest().getHeader("Proxy-Client-IP"); } if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { ipAddress = this.getRequest().getHeader("WL-Proxy-Client-IP"); } if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { ipAddress = this.getRequest().getRemoteAddr(); if(ipAddress.equals("127.0.0.1")){ //根据网卡取本机配置的IP InetAddress inet=null; try { inet = InetAddress.getLocalHost(); } catch (UnknownHostException e) { e.printStackTrace(); } ipAddress= inet.getHostAddress(); } } //对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割 if(ipAddress!=null && ipAddress.length()>15){ //"***.***.***.***".length() = 15 if(ipAddress.indexOf(",")>0){ ipAddress = ipAddress.substring(0,ipAddress.indexOf(",")); } } return ipAddress; }
import javax.servlet.http.HttpServletRequest; public class IpAddr { public static String getIpAddr(HttpServletRequest request) { String ip = request.getHeader("x-forwarded-for"); if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } return ip; } }
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
