How to obtain the real IP address of the client in Java interview
preface
When developing some small games, we often pay more attention to sharing. For sharing, we hope to have different sharing documents according to each city or region, and identify the function of the region. If it is completed by the server, we need to know the real IP of the client. Today, let's take a look at how the server obtains the real IP of the client.
Nginx configuration
First of all, a request can be divided into a request header and a request body, and the IP address information of our client is generally stored in the request header. If your server uses nginx for load balancing, you need to configure x-real-ip and x-forwarded-for request headers in your location:
location ^~ /your-service/ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:60000/your-service/;
}
X-Real-IP
In actual combat nginx, there is a sentence:
This sentence means that when you use the nginx reverse server, use request on the web side getRemoteAddr() (in essence, it is to obtain $remote_addr). What it obtains is the address of nginx, that is, the address encapsulated in the $remote_addr variable is the address of nginx. Of course, it is impossible to obtain the user's real IP. However, nginx can obtain the user's real IP, that is, when nginx uses the $remote_addr variable, it obtains the user's real IP. If we want to obtain the user's real IP on the web, You must perform an assignment operation in nginx, that is, my configuration above:
proxy_set_header X-Real-IP $remote_addr;
X-Forwarded-For
The x-forward-for variable, developed by squid, is a non RFC standard used to identify the address of a client connected to the web server through the original IP of HTTP proxy or load balancer. If x-forward-for is set, there will be a record every time it is forwarded through proxy. The format is client1, proxy1 and proxy2. Separate the addresses with commas. Because it is a non RFC standard, Therefore, it is not available by default and needs to be added forcibly. By default, the remote address of the request forwarded by proxy is the IP address of the proxy in the backend. That is, by default, we use request Getattribute ("x-forwarded-for") cannot obtain the user's IP. If we want to obtain the user's IP through this variable, we need to add the configuration in nginx:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
It means adding a $proxy_ add_ x_ forwarded_ For to x-forwarded-forward, pay attention to increase rather than overwrite. Of course, since the default x-forwarded-forward value is empty, we always feel that the value of x-forwarded-forward is equal to $proxy_ add_ x_ forwarded_ The value of for. In fact, when you build two nginx on different IP addresses and use this configuration, you will find that you can use request. On the web server Getattribute ("x-forwarded-for") will get the client IP and the IP of the first nginx.
So $proxy_ add_ x_ forwarded_ What is for?
$proxy_ add_ x_ forwarded_ The for variable contains x-forwarded-for and $remote in the client request header_ Addr two parts, separated by commas.
For example, there is a web application that was forwarded through two nginx, www.linuxidc.com Com means that the user accesses the web through two nginx.
In the first nginx, use:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Current $proxy_ add_ x_ forwarded_ The x-forward-for part of the for variable is empty, so there is only $remote_ Addr, and $remote_ The value of addr is the user's IP, so after assignment, the value of x-forwarded-for variable is the user's real IP address.
To the second nginx, use:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Current $proxy_ add_ x_ forwarded_ For variable, the x-forward-for part contains the user's real IP, $remote_ The value of addr part is the IP address of the previous nginx, so after this assignment, the current x-forward-for value becomes "the user's real IP, the IP of the first nginx", so it's clear.
Get real IP from server
The code is:
public static String getIpAddress(HttpServletRequest request) {
String Xip = request.getHeader("X-Real-IP");
String XFor = request.getHeader("X-Forwarded-For");
if (!Strings.isNullOrEmpty(XFor) && !"unKNown".equalsIgnoreCase(XFor)) {
//多次反向代理后会有多个ip值,第一个ip才是真实ip
int index = XFor.indexOf(",");
if (index != -1) {
return XFor.substring(0,index);
} else {
return XFor;
}
}
XFor = Xip;
if (!Strings.isNullOrEmpty(XFor) && !"unKNown".equalsIgnoreCase(XFor)) {
return XFor;
}
if (Strings.nullToEmpty(XFor).trim().isEmpty() || "unkNown".equalsIgnoreCase(XFor)) {
XFor = request.getHeader("Proxy-Client-IP");
}
if (Strings.nullToEmpty(XFor).trim().isEmpty() || "unkNown".equalsIgnoreCase(XFor)) {
XFor = request.getHeader("WL-Proxy-Client-IP");
}
if (Strings.nullToEmpty(XFor).trim().isEmpty() || "unkNown".equalsIgnoreCase(XFor)) {
XFor = request.getHeader("HTTP_CLIENT_IP");
}
if (Strings.nullToEmpty(XFor).trim().isEmpty() || "unkNown".equalsIgnoreCase(XFor)) {
XFor = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (Strings.nullToEmpty(XFor).trim().isEmpty() || "unkNown".equalsIgnoreCase(XFor)) {
XFor = request.getRemoteAddr();
}
return XFor;
}
Let's look at the meaning of each request header
X-Real-IP
The nginx agent will normally add this request header.
X-FORWARDED-FOR
This is a field developed by squid. It will be added only when it passes through HTTP proxy or load balancing server.
Proxy client IP and WL proxy client IP
This is usually requested by the Apache HTTP server. When using Apache HTTP as a proxy, the proxy client IP request header is usually added, and WL proxy client IP is the header added by its Weblogic plug-in.
HTTP_ CLIENT_ IP
Some proxy servers add this request header. After searching the Internet, there is a saying:
HTTP_ X_ FORWARDED_ FOR
Referred to as XFF header, it represents the real IP of the client, that is, the requesting side of HTTP. This item will be added only when it passes through HTTP proxy (such as Apache proxy) or load balancing server. It is not the standard request header information defined in the RFC. A detailed description of this item can be found in the squid cache proxy server development document. If you have this message, it indicates that you have used a proxy server, and the address is the following value. Can be forged. The standard format is as follows: x-forwarded-for: client1, proxy2
summary
The above is my method of dealing with the real IP of the client. I hope the content of this article has a certain reference value for your study or work. Thank you for your support.