快捷導(dǎo)航

淺談使用Java Web獲取客戶端真實(shí)IP的方法示例詳解

更新時(shí)間：2020年07月15日 11:36:49 作者：為你編程

這篇文章主要介紹了使用Java-Web獲取客戶端真實(shí)IP的方法示例詳解。一般我們無法獲取客戶端真實(shí)IP，原因是：當(dāng)我們通過request獲取客戶端IP時(shí)，自身服務(wù)器通常會為了保護(hù)信息或者負(fù)載均衡的目的，對自身服務(wù)器做反向代理。對此感興趣可以了解一下

Java-Web獲取客戶端真實(shí)IP：

發(fā)生的場景：服務(wù)器端接收客戶端請求的時(shí)候，一般需要進(jìn)行簽名驗(yàn)證，客戶端IP限定等情況，在進(jìn)行客戶端IP限定的時(shí)候，需要首先獲取該真實(shí)的IP。

一般分為兩種情況：

　　方式一、客戶端未經(jīng)過代理，直接訪問服務(wù)器端(nginx,squid,haproxy)；

　　方式二、客戶端通過多級代理，最終到達(dá)服務(wù)器端(nginx,squid,haproxy)；

客戶端請求信息都包含在HttpServletRequest中，可以通過方法getRemoteAddr()獲得該客戶端IP。

　　方式一形式，可以直接獲得該客戶端真實(shí)IP。

　　方式二中通過代理的形式，此時(shí)經(jīng)過多級反向的代理，通過方法getRemoteAddr()得不到客戶端真實(shí)IP，可以通過x-forwarded-for獲得轉(zhuǎn)發(fā)后請求信息。當(dāng)客戶端請求被轉(zhuǎn)發(fā)，IP將會追加在其后并以逗號隔開，例如：10.47.103.13,4.2.2.2,10.96.112.230。

請求中的參數(shù)：

　　request.getHeader("x-forwarded-for"):10.47.103.13,4.2.2.2,10.96.112.230

　　request.getHeader("X-Real-IP"):10.47.103.13

　　request.getRemoteAddr():10.96.112.230

客戶端訪問經(jīng)過轉(zhuǎn)發(fā)，IP將會追加在其后并以逗號隔開。最終準(zhǔn)確的客戶端信息為：

x-forwarded-for 不為空，則為逗號前第一個(gè)IP ；
X-Real-IP不為空，則為該IP；
否則為getRemoteAddr() ；

相關(guān)請求頭的解釋：

X-Forwarded-For ：這是一個(gè) Squid 開發(fā)的字段，只有在通過了HTTP代理或者負(fù)載均衡服務(wù)器時(shí)才會添加該項(xiàng)。

　　　　格式為X-Forwarded-For:client1,proxy1,proxy2，一般情況下，第一個(gè)ip為客戶端真實(shí)ip，后面的為經(jīng)過的代理服務(wù)器ip?，F(xiàn)在大部分的代理都會加上這個(gè)請求頭。

Proxy-Client-IP/WL- Proxy-Client-IP ：這個(gè)一般是經(jīng)過apache http服務(wù)器的請求才會有，用apache http做代理時(shí)一般會加上Proxy-Client-IP請求頭，而WL-Proxy-Client-IP是他的weblogic插件加上的頭。
HTTP_CLIENT_IP ：有些代理服務(wù)器會加上此請求頭。
X-Real-IP ：nginx代理一般會加上此請求頭。

/**
 * 獲取用戶真實(shí)IP地址，不使用request.getRemoteAddr()的原因是有可能用戶使用了代理軟件方式避免真實(shí)IP地址,
 * 可是，如果通過了多級反向代理的話，X-Forwarded-For的值并不止一個(gè)，而是一串IP值
 */
 private String getIpAddr(HttpServletRequest request) {
 String ip = request.getHeader("x-forwarded-for");
 System.out.println("x-forwarded-for ip: " + ip);
 if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
  // 多次反向代理后會有多個(gè)ip值，第一個(gè)ip才是真實(shí)ip
  if( ip.indexOf(",")!=-1 ){
  ip = ip.split(",")[0];
  }
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("Proxy-Client-IP");
  System.out.println("Proxy-Client-IP ip: " + ip);
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("WL-Proxy-Client-IP");
  System.out.println("WL-Proxy-Client-IP ip: " + ip);
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("HTTP_CLIENT_IP");
  System.out.println("HTTP_CLIENT_IP ip: " + ip);
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("HTTP_X_FORWARDED_FOR");
  System.out.println("HTTP_X_FORWARDED_FOR ip: " + ip);
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("X-Real-IP");
  System.out.println("X-Real-IP ip: " + ip);
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getRemoteAddr();
  System.out.println("getRemoteAddr ip: " + ip);
 }
 System.out.println("獲取客戶端ip: " + ip);
 return ip;
 }

import javax.servlet.http.HttpServletRequest;

/**
* IP校驗(yàn)
*/
public class IPUtils {

 public static String getClientAddress(HttpServletRequest request) {
 if (request == null) {
  return "unknown";
 }
 String ip = request.getHeader("x-forwarded-for");
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("Proxy-Client-IP");
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("X-Forwarded-For");
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("WL-Proxy-Client-IP");
 }
 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getHeader("X-Real-IP");
 }

 if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
  ip = request.getRemoteAddr();
 }
 return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip;
 }

}

public String getIpAddr(HttpServletRequest request){
 String ipAddress = request.getHeader("x-forwarded-for");
  if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
  ipAddress = request.getHeader("Proxy-Client-IP");
  }
  if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
  ipAddress = request.getHeader("WL-Proxy-Client-IP");
  }
  if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
  ipAddress = request.getRemoteAddr();
  if(ipAddress.equals("127.0.0.1") || ipAddress.equals("0:0:0:0:0:0:0:1")){
   //根據(jù)網(wǎng)卡取本機(jī)配置的IP
   InetAddress inet=null;
   try {
   inet = InetAddress.getLocalHost();
   } catch (UnknownHostException e) {
   e.printStackTrace();
   }
   ipAddress= inet.getHostAddress();
  }
  }
  //對于通過多個(gè)代理的情況，第一個(gè)IP為客戶端真實(shí)IP,多個(gè)IP按照','分割
  if(ipAddress!=null && ipAddress.length()>15){ //"***.***.***.***".length() = 15
  if(ipAddress.indexOf(",")>0){
   ipAddress = ipAddress.substring(0,ipAddress.indexOf(","));
  }
  }
  return ipAddress;
 }

太平洋網(wǎng)絡(luò)IP地址查詢Web接口：http://whois.pconline.com.cn/

import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.net.HttpURLConnection;
import java.net.URL;

/**
 * 根據(jù)IP地址獲取詳細(xì)的地域信息 第一個(gè)方法是傳入ip獲取真實(shí)地址 最后一個(gè)方法是獲取訪問者真實(shí)ip 即使通過Nginx多層代理也可以獲取
 */
public class AddressUtils {

 public static String getAddresses(String content, String encodingString) throws UnsupportedEncodingException {
 // 這里調(diào)用pconline的接口
 String urlStr = "http://ip.taobao.com/service/getIpInfo.php";
 // 從http://whois.pconline.com.cn取得IP所在的省市區(qū)信息
 String returnStr = getResult(urlStr, content, encodingString);
 if (returnStr != null) {
  // 處理返回的省市區(qū)信息
  System.out.println(returnStr);
  String[] temp = returnStr.split(",");
  if (temp.length < 3) {
  return "0";// 無效IP，局域網(wǎng)測試
  }
  String country = "";
  String area = "";
  String region = "";
  String city = "";
  String county = "";
  String isp = "";
  for (int i = 0; i < temp.length; i++) {
  switch (i) {
  case 1:
   country = (temp[i].split(":"))[2].replaceAll("\"", "");
   country = decodeUnicode(country);// 國家
   break;
//   case 3:
//   area = (temp[i].split(":"))[1].replaceAll("\"", "");
//   area =decodeUnicode(area);//地區(qū)
//   break;
  case 5:
   region = (temp[i].split(":"))[1].replaceAll("\"", "");
   region = decodeUnicode(region);// 省份
   break;
  case 7:
   city = (temp[i].split(":"))[1].replaceAll("\"", "");
   city = decodeUnicode(city);// 市區(qū)
   break;
  case 9:
   county = (temp[i].split(":"))[1].replaceAll("\"", "");
   county = decodeUnicode(county);// 地區(qū)
   break;
  case 11:
   isp = (temp[i].split(":"))[1].replaceAll("\"", "");
   isp = decodeUnicode(isp);// ISP公司
   break;
  }
  }
  System.out.println(country + area + "=" + region + "=" + city + "=" + county + "=" + isp);
  StringBuffer sb = new StringBuffer(country).append(region).append(city).append(county).append(" ")
   .append(isp);
  return sb.toString();
 }
 return null;
 }

 /**
 * @param urlStr 請求的地址
 * @param content 請求的參數(shù) 格式為：name=xxx&pwd=xxx
 * @param encoding 服務(wù)器端請求編碼。如GBK,UTF-8等
 * @return
 */
 private static String getResult(String urlStr, String content, String encoding) {
 URL url = null;
 HttpURLConnection connection = null;
 try {
  url = new URL(urlStr);
  connection = (HttpURLConnection) url.openConnection();// 新建連接實(shí)例
  connection.setConnectTimeout(3000);// 設(shè)置連接超時(shí)時(shí)間，單位毫秒
  connection.setReadTimeout(3000);// 設(shè)置讀取數(shù)據(jù)超時(shí)時(shí)間，單位毫秒
  connection.setDoOutput(true);// 是否打開輸出流 true|false
  connection.setDoInput(true);// 是否打開輸入流true|false
  connection.setRequestMethod("POST");// 提交方法POST|GET
  connection.setUseCaches(false);// 是否緩存true|false
  connection.connect();// 打開連接端口
  DataOutputStream out = new DataOutputStream(connection.getOutputStream());// 打開輸出流往對端服務(wù)器寫數(shù)據(jù)
  out.writeBytes(content);// 寫數(shù)據(jù)(提交表單)
  out.flush();// 刷新
  out.close();// 關(guān)閉輸出流
  // 往對端寫完數(shù)據(jù)對端服務(wù)器返回?cái)?shù)據(jù),以BufferedReader流來讀取
  BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream(), encoding));
  StringBuffer buffer = new StringBuffer();
  String line = "";
  while ((line = reader.readLine()) != null) {
  buffer.append(line);
  }
  reader.close();
  return buffer.toString();
 } catch (IOException e) {
  e.printStackTrace();
 } finally {
  if (connection != null) {
  connection.disconnect();// 關(guān)閉連接
  }
 }
 return null;
 }

 /**
 * unicode 轉(zhuǎn)換成 中文
 */
 public static String decodeUnicode(String theString) {
 char aChar;
 int len = theString.length();
 StringBuffer outBuffer = new StringBuffer(len);
 for (int x = 0; x < len;) {
  aChar = theString.charAt(x++);
  if (aChar == '\\') {
  aChar = theString.charAt(x++);
  if (aChar == 'u') {
   int value = 0;
   for (int i = 0; i < 4; i++) {
   aChar = theString.charAt(x++);
   switch (aChar) {
   case '0':
   case '1':
   case '2':
   case '3':
   case '4':
   case '5':
   case '6':
   case '7':
   case '8':
   case '9':
    value = (value << 4) + aChar - '0';
    break;
   case 'a':
   case 'b':
   case 'c':
   case 'd':
   case 'e':
   case 'f':
    value = (value << 4) + 10 + aChar - 'a';
    break;
   case 'A':
   case 'B':
   case 'C':
   case 'D':
   case 'E':
   case 'F':
    value = (value << 4) + 10 + aChar - 'A';
    break;
   default:
    throw new IllegalArgumentException("Malformed encoding.");
   }
   }
   outBuffer.append((char) value);
  } else {
   if (aChar == 't') {
   aChar = '\t';
   } else if (aChar == 'r') {
   aChar = '\r';
   } else if (aChar == 'n') {
   aChar = '\n';
   } else if (aChar == 'f') {
   aChar = '\f';
   }
   outBuffer.append(aChar);
  }
  } else {
  outBuffer.append(aChar);
  }
 }
 return outBuffer.toString();
 }

 // 測試
 public static void main(String[] args) {
 AddressUtils addressUtils = new AddressUtils();

 /**
  * 測試IP：111.121.72.101 中國貴州省貴陽市 電信
  */
 String ip = "111.121.72.101";
 String address = "";
 try {
  address = addressUtils.getAddresses("ip=" + ip, "utf-8");
 } catch (UnsupportedEncodingException e) {
  e.printStackTrace();
 } catch (Exception e) {
  e.printStackTrace();
 }
 System.out.println(address);//中國貴州省貴陽市 電信
 }
}

到此這篇關(guān)于淺談使用Java-Web獲取客戶端真實(shí)IP的方法示例詳解的文章就介紹到這了,更多相關(guān)使用Java-Web獲取客戶端真實(shí)IP內(nèi)容請搜索腳本之家以前的文章或繼續(xù)瀏覽下面的相關(guān)文章希望大家以后多多支持腳本之家！

您可能感興趣的文章: