如何获取客户端请求真实ip
1.正常的逻辑,如果我们直接请求服务,那么在request.getRemoteAddress()就可以拿到原始客户端请求的ip2.如果新增了nginx代理,那么就只能借助XFF从header里面取了3.如果全部署在k8s,会过一道网络代理,那么在网络代理这会做一次NAT,所以如果不想丢失源ip就只能修改externalTrafficPolicy=local 不进行路由,直接在当前节点处理...
·
1.正常的逻辑,如果我们直接请求服务,那么在request.getRemoteAddress()就可以拿到原始客户端请求的ip
2.如果新增了nginx代理,那么就只能借助XFF从header里面取了
private String getIpAddr(HttpServletRequest servletRequest) {
String ips = servletRequest.getHeader("x-forwarded-for");
if (ips == null || ips.length() == 0 || "unknown".equalsIgnoreCase(ips)) {
ips = servletRequest.getHeader("Proxy-Client-IP");
}
if (ips == null || ips.length() == 0 || "unknown".equalsIgnoreCase(ips)) {
ips = servletRequest.getHeader("WL-Proxy-Client-IP");
}
if (ips == null || ips.length() == 0 || "unknown".equalsIgnoreCase(ips)) {
ips = servletRequest.getRemoteAddr();
}
String[] ipArray = ips.split(",");
String clientIP = "";
for (String ip : ipArray) {
if (!("unknown".equalsIgnoreCase(ip))) {
clientIP = ip;
break;
}
}
return clientIP;
}
3.如果全部署在k8s,会过一道网络代理,那么在网络代理这会做一次NAT,所以如果不想丢失源ip就只能修改externalTrafficPolicy=local 不进行路由,直接在当前节点处理
更多推荐
已为社区贡献1条内容
所有评论(0)