Java-Web獲取客戶端真實IP:
發生的場景:服務器端接收客戶端請求的時候,一般需要進行簽名驗證,客戶端IP限定等情況,在進行客戶端IP限定的時候,需要首先獲取該真實的IP。
一般分為兩種情況:
方式一、客戶端未經過代理,直接訪問服務器端(nginx,squid,haproxy);
方式二、客戶端通過多級代理,最終到達服務器端(nginx,squid,haproxy);
客戶端請求信息都包含在HttpServletRequest中,可以通過方法getRemoteAddr()獲得該客戶端IP。
方式一形式,可以直接獲得該客戶端真實IP。
方式二中通過代理的形式,此時經過多級反向的代理,通過方法getRemoteAddr()得不到客戶端真實IP,可以通過x-forwarded-for獲得轉發后請求信息。當客戶端請求被轉發,IP將會追加在其后並以逗號隔開,例如:10.47.103.13,4.2.2.2,10.96.112.230。
請求中的參數:
request.getHeader("x-forwarded-for") : 10.47.103.13,4.2.2.2,10.96.112.230
request.getHeader("X-Real-IP") : 10.47.103.13
request.getRemoteAddr():10.96.112.230
客戶端訪問經過轉發,IP將會追加在其后並以逗號隔開。最終准確的客戶端信息為:
- x-forwarded-for 不為空,則為逗號前第一個IP ;
- X-Real-IP不為空,則為該IP ;
- 否則為getRemoteAddr() ;
相關請求頭的解釋:
- X-Forwarded-For :這是一個 Squid 開發的字段,只有在通過了HTTP代理或者負載均衡服務器時才會添加該項。
格式為X-Forwarded-For:client1,proxy1,proxy2,一般情況下,第一個ip為客戶端真實ip,后面的為經過的代理服務器ip。現在大部分的代理都會加上這個請求頭。
- Proxy-Client-IP/WL- Proxy-Client-IP :這個一般是經過apache http服務器的請求才會有,用apache http做代理時一般會加上Proxy-Client-IP請求頭,而WL-Proxy-Client-IP是他的weblogic插件加上的頭。
- HTTP_CLIENT_IP :有些代理服務器會加上此請求頭。
- X-Real-IP :nginx代理一般會加上此請求頭。
1 /** 2 * 獲取用戶真實IP地址,不使用request.getRemoteAddr()的原因是有可能用戶使用了代理軟件方式避免真實IP地址, 3 * 可是,如果通過了多級反向代理的話,X-Forwarded-For的值並不止一個,而是一串IP值 4 */ 5 private String getIpAddr(HttpServletRequest request) { 6 String ip = request.getHeader("x-forwarded-for"); 7 System.out.println("x-forwarded-for ip: " + ip); 8 if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) { 9 // 多次反向代理后會有多個ip值,第一個ip才是真實ip 10 if( ip.indexOf(",")!=-1 ){ 11 ip = ip.split(",")[0]; 12 } 13 } 14 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 15 ip = request.getHeader("Proxy-Client-IP"); 16 System.out.println("Proxy-Client-IP ip: " + ip); 17 } 18 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 19 ip = request.getHeader("WL-Proxy-Client-IP"); 20 System.out.println("WL-Proxy-Client-IP ip: " + ip); 21 } 22 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 23 ip = request.getHeader("HTTP_CLIENT_IP"); 24 System.out.println("HTTP_CLIENT_IP ip: " + ip); 25 } 26 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 27 ip = request.getHeader("HTTP_X_FORWARDED_FOR"); 28 System.out.println("HTTP_X_FORWARDED_FOR ip: " + ip); 29 } 30 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 31 ip = request.getHeader("X-Real-IP"); 32 System.out.println("X-Real-IP ip: " + ip); 33 } 34 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 35 ip = request.getRemoteAddr(); 36 System.out.println("getRemoteAddr ip: " + ip); 37 } 38 System.out.println("獲取客戶端ip: " + ip); 39 return ip; 40 }
1 import javax.servlet.http.HttpServletRequest; 2 3 /** 4 * IP校驗 5 */ 6 public class IPUtils { 7 8 public static String getClientAddress(HttpServletRequest request) { 9 if (request == null) { 10 return "unknown"; 11 } 12 String ip = request.getHeader("x-forwarded-for"); 13 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 14 ip = request.getHeader("Proxy-Client-IP"); 15 } 16 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 17 ip = request.getHeader("X-Forwarded-For"); 18 } 19 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 20 ip = request.getHeader("WL-Proxy-Client-IP"); 21 } 22 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 23 ip = request.getHeader("X-Real-IP"); 24 } 25 26 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { 27 ip = request.getRemoteAddr(); 28 } 29 return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip; 30 } 31 32 }
1 public String getIpAddr(HttpServletRequest request){ 2 String ipAddress = request.getHeader("x-forwarded-for"); 3 if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { 4 ipAddress = request.getHeader("Proxy-Client-IP"); 5 } 6 if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { 7 ipAddress = request.getHeader("WL-Proxy-Client-IP"); 8 } 9 if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) { 10 ipAddress = request.getRemoteAddr(); 11 if(ipAddress.equals("127.0.0.1") || ipAddress.equals("0:0:0:0:0:0:0:1")){ 12 //根據網卡取本機配置的IP 13 InetAddress inet=null; 14 try { 15 inet = InetAddress.getLocalHost(); 16 } catch (UnknownHostException e) { 17 e.printStackTrace(); 18 } 19 ipAddress= inet.getHostAddress(); 20 } 21 } 22 //對於通過多個代理的情況,第一個IP為客戶端真實IP,多個IP按照','分割 23 if(ipAddress!=null && ipAddress.length()>15){ //"***.***.***.***".length() = 15 24 if(ipAddress.indexOf(",")>0){ 25 ipAddress = ipAddress.substring(0,ipAddress.indexOf(",")); 26 } 27 } 28 return ipAddress; 29 }
太平洋網絡IP地址查詢Web接口:http://whois.pconline.com.cn/
1 import java.io.BufferedReader; 2 import java.io.DataOutputStream; 3 import java.io.IOException; 4 import java.io.InputStreamReader; 5 import java.io.UnsupportedEncodingException; 6 import java.net.HttpURLConnection; 7 import java.net.URL; 8 9 /** 10 * 根據IP地址獲取詳細的地域信息 第一個方法是傳入ip獲取真實地址 最后一個方法是獲取訪問者真實ip 即使通過Nginx多層代理也可以獲取 11 */ 12 public class AddressUtils { 13 14 public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException { 15 // 這里調用pconline的接口 16 String urlStr = "http://ip.taobao.com/service/getIpInfo.php"; 17 // 從http://whois.pconline.com.cn取得IP所在的省市區信息 18 String returnStr = getResult(urlStr, content, encodingString); 19 if (returnStr != null) { 20 // 處理返回的省市區信息 21 System.out.println(returnStr); 22 String[] temp = returnStr.split(","); 23 if (temp.length < 3) { 24 return "0";// 無效IP,局域網測試 25 } 26 String country = ""; 27 String area = ""; 28 String region = ""; 29 String city = ""; 30 String county = ""; 31 String isp = ""; 32 for (int i = 0; i < temp.length; i++) { 33 switch (i) { 34 case 1: 35 country = (temp[i].split(":"))[2].replaceAll("\"", ""); 36 country = decodeUnicode(country);// 國家 37 break; 38 // case 3: 39 // area = (temp[i].split(":"))[1].replaceAll("\"", ""); 40 // area =decodeUnicode(area);//地區 41 // break; 42 case 5: 43 region = (temp[i].split(":"))[1].replaceAll("\"", ""); 44 region = decodeUnicode(region);// 省份 45 break; 46 case 7: 47 city = (temp[i].split(":"))[1].replaceAll("\"", ""); 48 city = decodeUnicode(city);// 市區 49 break; 50 case 9: 51 county = (temp[i].split(":"))[1].replaceAll("\"", ""); 52 county = decodeUnicode(county);// 地區 53 break; 54 case 11: 55 isp = (temp[i].split(":"))[1].replaceAll("\"", ""); 56 isp = decodeUnicode(isp);// ISP公司 57 break; 58 } 59 } 60 System.out.println(country + area + "=" + region + "=" + city + "=" + county + "=" + isp); 61 StringBuffer sb = new StringBuffer(country).append(region).append(city).append(county).append(" ") 62 .append(isp); 63 return sb.toString(); 64 } 65 return null; 66 } 67 68 /** 69 * @param urlStr 請求的地址 70 * @param content 請求的參數 格式為:name=xxx&pwd=xxx 71 * @param encoding 服務器端請求編碼。如GBK,UTF-8等 72 * @return 73 */ 74 private static String getResult(String urlStr, String content, String encoding) { 75 URL url = null; 76 HttpURLConnection connection = null; 77 try { 78 url = new URL(urlStr); 79 connection = (HttpURLConnection) url.openConnection();// 新建連接實例 80 connection.setConnectTimeout(3000);// 設置連接超時時間,單位毫秒 81 connection.setReadTimeout(3000);// 設置讀取數據超時時間,單位毫秒 82 connection.setDoOutput(true);// 是否打開輸出流 true|false 83 connection.setDoInput(true);// 是否打開輸入流true|false 84 connection.setRequestMethod("POST");// 提交方法POST|GET 85 connection.setUseCaches(false);// 是否緩存true|false 86 connection.connect();// 打開連接端口 87 DataOutputStream out = new DataOutputStream(connection.getOutputStream());// 打開輸出流往對端服務器寫數據 88 out.writeBytes(content);// 寫數據(提交表單) 89 out.flush();// 刷新 90 out.close();// 關閉輸出流 91 // 往對端寫完數據對端服務器返回數據,以BufferedReader流來讀取 92 BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encoding)); 93 StringBuffer buffer = new StringBuffer(); 94 String line = ""; 95 while ((line = reader.readLine()) != null) { 96 buffer.append(line); 97 } 98 reader.close(); 99 return buffer.toString(); 100 } catch (IOException e) { 101 e.printStackTrace(); 102 } finally { 103 if (connection != null) { 104 connection.disconnect();// 關閉連接 105 } 106 } 107 return null; 108 } 109 110 /** 111 * unicode 轉換成 中文 112 */ 113 public static String decodeUnicode(String theString) { 114 char aChar; 115 int len = theString.length(); 116 StringBuffer outBuffer = new StringBuffer(len); 117 for (int x = 0; x < len;) { 118 aChar = theString.charAt(x++); 119 if (aChar == '\\') { 120 aChar = theString.charAt(x++); 121 if (aChar == 'u') { 122 int value = 0; 123 for (int i = 0; i < 4; i++) { 124 aChar = theString.charAt(x++); 125 switch (aChar) { 126 case '0': 127 case '1': 128 case '2': 129 case '3': 130 case '4': 131 case '5': 132 case '6': 133 case '7': 134 case '8': 135 case '9': 136 value = (value << 4) + aChar - '0'; 137 break; 138 case 'a': 139 case 'b': 140 case 'c': 141 case 'd': 142 case 'e': 143 case 'f': 144 value = (value << 4) + 10 + aChar - 'a'; 145 break; 146 case 'A': 147 case 'B': 148 case 'C': 149 case 'D': 150 case 'E': 151 case 'F': 152 value = (value << 4) + 10 + aChar - 'A'; 153 break; 154 default: 155 throw new IllegalArgumentException("Malformed encoding."); 156 } 157 } 158 outBuffer.append((char) value); 159 } else { 160 if (aChar == 't') { 161 aChar = '\t'; 162 } else if (aChar == 'r') { 163 aChar = '\r'; 164 } else if (aChar == 'n') { 165 aChar = '\n'; 166 } else if (aChar == 'f') { 167 aChar = '\f'; 168 } 169 outBuffer.append(aChar); 170 } 171 } else { 172 outBuffer.append(aChar); 173 } 174 } 175 return outBuffer.toString(); 176 } 177 178 // 測試 179 public static void main(String[] args) { 180 AddressUtils addressUtils = new AddressUtils(); 181 182 /** 183 * 測試IP:111.121.72.101 中國貴州省貴陽市 電信 184 */ 185 String ip = "111.121.72.101"; 186 String address = ""; 187 try { 188 address = addressUtils.getAddresses("ip=" + ip, "utf-8"); 189 } catch (UnsupportedEncodingException e) { 190 e.printStackTrace(); 191 } catch (Exception e) { 192 e.printStackTrace(); 193 } 194 System.out.println(address);//中國貴州省貴陽市 電信 195 } 196 }