nginx做反向負載均衡,后端服務器獲取真實客戶端ip
首先,在前端nginx上需要做如下配置:
location /
proxy_set_hearder host $host;
proxy_set_header X-forwarded-for $proxy_add_x_forwarded_for;
proxy_set_header X-real-ip $remote_addr;
};
nginx會在把請求轉向后台real-server前把http報頭中的ip地址進行替換;這樣操作完成后,real-server也需要做一些操作;
public class ClientIPUtils {
/**
* 在很多應用下都可能有需要將用戶的真實IP記錄下來,這時就要獲得用戶的真實IP地址,在JSP里,獲取客戶端的IP地
* 址的方法是:request.getRemoteAddr(),這種方法在大部分情況下都是有效的。但是在通過了Apache,Squid等
* 反向代理軟件就不能獲取到客戶端的真實IP地址了。
* 但是在轉發請求的HTTP頭信息中,增加了X-FORWARDED-FOR信息。用以跟蹤原有的客戶端IP地址和原來客戶端請求的服務器地址。
* @param request
* @return
*/
public static String getClientIp(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
//String ip = request.getHeader("X-real-ip");
logger.debug("x-forwarded-for = {}", ip);
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
logger.debug("Proxy-Client-IP = {}", ip);
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
logger.debug("WL-Proxy-Client-IP = {}", ip);
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
logger.debug("RemoteAddr-IP = {}", ip);
}
if(StringUtils.isNotBlank(ip)) {
ip = ip.split(",")[0];
}
return ip;
}
}