如果是为了记录IP访问记录,则可采用如下方法(包含了大部分服务代理):
public String getIpAddress(HttpServletRequest request) {
String ip = null;//X-Forwarded-For:Squid 服务代理String ipAddresses = request.getHeader("X-Forwarded-For");String unknown = "unknown";if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {//Proxy-Client-IP:apache 服务代理ipAddresses = request.getHeader("Proxy-Client-IP");}if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {//WL-Proxy-Client-IP:weblogic 服务代理ipAddresses = request.getHeader("WL-Proxy-Client-IP");}if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {//HTTP_CLIENT_IP:有些代理服务器ipAddresses = request.getHeader("HTTP_CLIENT_IP");}if (ipAddresses == null || ipAddresses.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {//X-Real-IP:nginx服务代理ipAddresses = request.getHeader("X-Real-IP");}//有些网络通过多层代理,那么获取到的ip就会有多个,一般都是通过逗号(,)分割开来,并且第一个ip为客户端的真实IPif (ipAddresses != null && ipAddresses.length() != 0) {ip = ipAddresses.split(",")[0];}//还是不能获取到,最后再通过request.getRemoteAddr();获取if (ip == null || ip.length() == 0 || unknown.equalsIgnoreCase(ipAddresses)) {ip = request.getRemoteAddr();}return ip;}
如果是用于IP白名单设置,则可采用如下方法:
@Value("#{'${ip.free.path}'.split(',')}")private List<String> ipFreePath;public boolean isFreeIp(HttpServletRequest request) {
//无法伪造String ip = request.getRemoteAddr();if (ipFreePath.contains(ip)) {return true;}return false;}