服务器A被服务器B代理的,怎么能获取客户段的真实IP地址,现在在服务器A上获取的IP地址全是代理服务器B的IP地址,怎么样能获取真实的客户端的IP地址
解决方案 »
- 关于web service的一些问题
- tomcat启动出现错误
- 为什么JAVA里时间比电脑上看到的实际时间慢啊!
- XML的问题
- 有关JSP全局变量和javascript的问题
- xfire客户端访问wse3的.net webservice报错:无法理解 SOAP 头 Security。(分不够我再加)
- struts2处理中文解决反方案
- 学java过程的困扰
- 求教各位:javabean应当放到哪里才能在jsp中访问到???
- 用 jdk怎么编译ejb啊!大虾帮忙!急!!!!!
- Exception in thread "main" java.lang.ClassCastException
- WebService 和 mq 的联系?
在JSP里,获取客户端的IP地址的方法是:request.getRemoteAddr(),这种方法在大部分情况下都是有效的。但是在通过了Apache,Squid等反向代理软件就不能获取到客户端的真实IP地址了。
如果使用了反向代理软件,将http://192.168.1.110:2046/ 的URL反向代理为 http://www.bt285.cn / 的URL时,用request.getRemoteAddr()方法获取的IP地址是:127.0.0.1 或 192.168.1.110,而并不是客户端的真实IP。 经过代理以后,由于在客户端和服务之间增加了中间层,因此服务器无法直接拿到客户端的IP,服务器端应用也无法直接通过转发请求的地址返回给客户端。但是在转发请求的HTTP头信息中,增加了X-FORWARDED-FOR信息。用以跟踪原有的客户端IP地址和原来客户端请求的服务器地址。当我们访问http://www.5q520.cn /index.jsp/ 时,其实并不是我们浏览器真正访问到了服务器上的index.jsp文件,而是先由代理服务器去访问http://192.168.1.110:2046/index.jsp ,代理服务器再将访问到的结果返回给我们的浏览器,因为是代理服务器去访问index.jsp的,所以index.jsp中通过request.getRemoteAddr()的方法获取的IP实际上是代理服务器的地址,并不是客户端的IP地址。 于是可得出获得客户端真实IP地址的方法一:public String getRemortIP(HttpServletRequest request) {
if (request.getHeader("x-forwarded-for") == null) {
return request.getRemoteAddr();
}
return request.getHeader("x-forwarded-for");
} 可是当我访问http://www.5a520.cn /index.jsp/ 时,返回的IP地址始终是unknown,也并不是如上所示的127.0.0.1 或 192.168.1.110了,而我访问http://192.168.1.110:2046/index.jsp 时,则能返回客户端的真实IP地址,写了个方法去验证。原因出在了Squid上。squid.conf 的配制文件 forwarded_for 项默认是为on,如果 forwarded_for 设成了 off 则:X-Forwarded-For: unknown 于是可得出获得客户端真实IP地址的方法二:public String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值,究竟哪个才是真正的用户端的真实IP呢? 答案是取X-Forwarded-For中第一个非unknown的有效IP字符串。 如:X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130, 192.168.1.100用户真实IP为: 192.168.1.110
下面是我获取IP的方法·
public String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
但问题是还是获取不到真实的IP,还是获取的代理服务器的IP啊·
请问各位大侠问题出在那里啊·?
* 获取客户IP
* @param request
* @return
*/
public String getIpAddr(HttpServletRequest request) {
String ip = request.getHeader("x-forwarded-for");
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
--------------
我也是这样获取的,
你说的是获取客服端IP,这样就是真实的客服端IP
那与服务器代理有什么关系啊。
郁闷啊
{
String ip = null;
Enumeration enu = request.getHeaderNames();
while (enu.hasMoreElements()) {
String name = (String)enu.nextElement();
if (name.equalsIgnoreCase("X-Forwarded-For")) {
ip = request.getHeader(name);
}
else if (name.equalsIgnoreCase("Proxy-Client-IP")) {
ip = request.getHeader(name);
}
else if (name.equalsIgnoreCase("WL-Proxy-Client-IP")) {
ip = request.getHeader(name);
} if ((ip != null) && (ip.length() != 0))
break; } if ((ip == null) || (ip.length() == 0))
ip = request.getRemoteAddr(); return ip;
}用这个吧,绝对没问题,除非你的环境是集群的。
{
String ip = null;
Enumeration enu = request.getHeaderNames();
while (enu.hasMoreElements()) {
String name = (String)enu.nextElement();
if (name.equalsIgnoreCase("X-Forwarded-For")) {
ip = request.getHeader(name);
}
else if (name.equalsIgnoreCase("Proxy-Client-IP")) {
ip = request.getHeader(name);
}
else if (name.equalsIgnoreCase("WL-Proxy-Client-IP")) {
ip = request.getHeader(name);
} if ((ip != null) && (ip.length() != 0))
break; } if ((ip == null) || (ip.length() == 0))
ip = request.getRemoteAddr(); return ip;
}
然后通过String fileSize=(double)(f.length()/1024/1024)+"M";
得到文件的大小,如果path是绝对地址的话,那么fileSize就是能得到的。比如path="c://dd/f.rar"那么 f.rar的大小就能得到。
public String getIpAddr() {
String ipAddress = null;
ipAddress = request.getRemoteAddr();
ipAddress = request.getHeader("x-forwarded-for");
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
} //对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if(ipAddress!=null && ipAddress.length()>15){ //"***.***.***.***".length() = 15
if(ipAddress.indexOf(",")>0){
ipAddress = ipAddress.substring(0,ipAddress.indexOf(","));
}
}
return ipAddress;
}
public String getIpAddr() {
String ipAddress = null;
ipAddress = request.getRemoteAddr();
ipAddress = request.getHeader("x-forwarded-for");
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if(ipAddress == null || ipAddress.length() == 0 || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
} //对于通过多个代理的情况,第一个IP为客户端真实IP,多个IP按照','分割
if(ipAddress!=null && ipAddress.length()>15){ //"***.***.***.***".length() = 15
if(ipAddress.indexOf(",")>0){
ipAddress = ipAddress.substring(0,ipAddress.indexOf(","));
}
}
return ipAddress;
}
ipAddress = request.getRemoteAddr();
该处就可以获得代理的IP,下面的代码点用都没有难道就不能获得真实的IP吗
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
//可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串Ip值
//是取X-Forwarded-For中第一个非unknown的有效IP字符串
String[] str = ip.split(",");
if(str!=null && str.length>1){
ip = str[0];
}
return ip;
}
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
//可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串Ip值
//是取X-Forwarded-For中第一个非unknown的有效IP字符串
String[] str = ip.split(",");
if(str!=null && str.length>1){
ip = str[0];
}
return ip;
}不管是那个方法request.getHeader("x-forwarded-for");
request.getHeader("Proxy-Client-IP");
request.getHeader("WL-Proxy-Client-IP");
这样去获取IP都是为空的
request.getRemoteAddr()这里可以获取到IP,但是就是获取到代理的IP啊·
有人知道为什么不啊?
另外看到一些专门做IP限制的,能穿过代理,获取真实的IP,不知道是什么原理,希望有人赐教,谢谢
public class GetIPMAC {
String OutPutStream = new String();
int a;
char b;
int power = 1;
String c = null;
String res;
URLConnection urlcon; public String dayinji(int power, char d) { if (power == 1) {
res = String.valueOf(d);
} else {
res = "";
}
return res;
} public String getIP() {
try {
URL url = new URL("http://www.cz88.NET/ip/viewip468.ASPx");
urlcon = url.openConnection();
int i = urlcon.getContentLength();
if (i > 0) {
InputStream isr = urlcon.getInputStream();
InputStreamReader is = new InputStreamReader(isr, "GB2312");
int spower = 0;
while ((a = is.read()) != -1) {
b = (char) a;
OutPutStream = OutPutStream + "" + dayinji(power, b);
c = String.valueOf(b);
if (OutPutStream.indexOf("IPMessage\">") > 0) {
OutPutStream = "";
power = 1;
spower = 1;
}
if (spower == 1) {
if (c.equalsIgnoreCase("<")) {
power = 0;
}
}
}
OutPutStream = OutPutStream.replaceAll(">", "");
OutPutStream = OutPutStream.replaceAll("", "");
OutPutStream = OutPutStream.replaceAll("<", "");
} else {
System.out.println("Length is null.");
}
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return OutPutStream;
}
}
<html>
<head>
<script language="javascript">
var MACAddr;
var IPAddr;
var DomainAddr;
var sDNSName;
function valid(){
//获取本机地址信息
document.form1.remoteIPAddr.value = IPAddr;
document.form1.remoteMACAddr.value = MACAddr;
document.form1.remoteName.value = sDNSName;
}
</script>
<script language="javascript" event=OnObjectReady(objObject,objAsyncContext) for=foo>
if(objObject.IPEnabled != null && objObject.IPEnabled != "undefined" && objObject.IPEnabled == true) {
if(objObject.MACAddress != null && objObject.MACAddress != "undefined"){
MACAddr = objObject.MACAddress;
}
if(objObject.IPEnabled && objObject.IPAddress(0) != null && objObject.IPAddress(0) != "undefined"){
IPAddr = objObject.IPAddress(0);
}
if(objObject.DNSHostName != null && objObject.DNSHostName != "undefined"){
sDNSName = objObject.DNSHostName;
}
}
</script>
</head>
<body>
<OBJECT id=locator classid=CLSID:76A64158-CB41-11D1-8B02-00600806D9B6 VIEWASTEXT></OBJECT>
<OBJECT id=foo classid=CLSID:75718C9A-F029-11d1-A1AC-00C04FB6C223></OBJECT>
<SCRIPT language="javascript">
var service = locator.ConnectServer();
service.Security_.ImpersonationLevel=3;
service.InstancesOfAsync(foo, 'Win32_NetworkAdapterConfiguration');
</SCRIPT>
</body>
</html>