Nginx核心要领八:获取客户端真实ip一realip模块

x33g5p2x  于2021-12-20 转载在 其他  
字(2.1k)|赞(0)|评价(0)|浏览(279)

画了个请求从发起–经过–到服务器接收的流程

开发的应用怎么拿到客户端的真实IP呢?java方法获取客户端真实IP

/** 
     * 获取用户真实IP地址,不使用request.getRemoteAddr()的原因是有可能用户使用了代理软件方式避免真实IP地址, 
     * 可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串IP值 
     *  
     * @return ip
     */
    private String getIpAddr(HttpServletRequest request) {
        String ip = request.getHeader("x-forwarded-for"); 
        System.out.println("x-forwarded-for ip: " + ip);
        if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {  
            // 多次反向代理后会有多个ip值,第一个ip才是真实ip
            if( ip.indexOf(",")!=-1 ){
                ip = ip.split(",")[0];
            }
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("Proxy-Client-IP");  
            System.out.println("Proxy-Client-IP ip: " + ip);
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("WL-Proxy-Client-IP");  
            System.out.println("WL-Proxy-Client-IP ip: " + ip);
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("HTTP_CLIENT_IP");  
            System.out.println("HTTP_CLIENT_IP ip: " + ip);
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("HTTP_X_FORWARDED_FOR");  
            System.out.println("HTTP_X_FORWARDED_FOR ip: " + ip);
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getHeader("X-Real-IP");  
            System.out.println("X-Real-IP ip: " + ip);
        }  
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
            ip = request.getRemoteAddr();  
            System.out.println("getRemoteAddr ip: " + ip);
        } 
        System.out.println("获取客户端ip: " + ip);
        return ip;  
    }

可以看出获取Ip是从http的header中获取的,通过:X-Forwarded-For、X-Real-IP这两个header参数

nginx通过 realip模块取到真实IP后,需要设置到上游服务中去,这时我们的应用就能通过 X-Forwarded-For、X-Real-IP这两个header拿到客户端IP了

realip默认是不编译进nginx的,需要在configure时,通过 --without-http-realip-module 来启用这个功能

编译后nginx配置如下:

location / {
  proxy_set_header Host $host;
  #把取到的IP设置到header的上游服务中
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  
  #如果swagger没有转发端口,则可以用下面的配置
  #proxy_set_header Forwarded host=$host:$server_post;
}

版权说明 : 本文为转载文章, 版权归原作者所有 版权申明

原文链接 : https://zhuyu.blog.csdn.net/article/details/91365207

内容来源于网络,如有侵权,请联系作者删除!

nginx

相关文章

    查看更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com